Thanks Laine, I will take a look at Open vSwitch, it looks interesting. I am a generalist, I need to know enough about a lot of things to get many different tasks done, but do not have the in depth knowledge required to "patch" anything. If I manage to wrangle a working solution should I post it? Needless to say I would be supportive of said feature being implemented by those more competent than I... Jocularity aside, thanks for the heads up on Open vSwitch. *Paul O'Rorke* On 2020-06-29 9:13 a.m., Laine Stump wrote:> On 6/29/20 11:01 AM, Paul O'Rorke wrote: >> Hi all, >> >> I couldn't find any documentation on this, hopefully someone can >> point me in the right direction. >> >> I recently set up a sand-boxed environment for our developers. There >> are domain controller(s), workstations and servers in there. The >> whole thing is running on a single host using a "Virtual Network" >> defined in virt-manager on that host. >> >> Now I find I want to add more guests and there are not enough >> resources on this one host. Can I somehow make this Virtual Network >> available to two hosts? I do not want to move to a bridged network >> and have to physically join the two hosts with a discrete link when >> they are already on the same subnet at the host level. >> >> Is that possible? > > You might be able to this using OpenvSwitch (iow "probably can, but I > don't know the details" :-)) but libvirt doesn't have anything to set > it up for you; you would need to create and configure the OVS switch > outside of libvirt, then attach the libvirt guests to that switch > (using "<interface type='bridge'> ... <virtualport type='openvswitch'> > ...") > > I've idly thought about having this as a libvirt feature over the > years, but as I never have that many guests, it was never a personal > priority, and it wasn't immediately clear what was the best way to > handle, e.g. DHCP, and routing to the outside. Definitely "patches are > welcome" though :-) >--------------1B349411C2B3B295A9B82E2F Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: 8bit <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> </head> <body> <p>Thanks Laine,</p> <p>I will take a look at Open vSwitch, it looks interesting.</p> <p>I am a generalist, I need to know enough about a lot of things to get many different tasks done, but do not have the in depth knowledge required to "patch" anything. If I manage to wrangle a working solution should I post it?</p> <p>Needless to say I would be supportive of said feature being implemented by those more competent than I...<br> </p> <p>Jocularity aside, thanks for the heads up on Open vSwitch.<br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title></title> <p><b>Paul O'Rorke</b><br> <br> </p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> </div> <div class="moz-cite-prefix">On 2020-06-29 9:13 a.m., Laine Stump wrote:<br> </div> <blockquote type="cite" cite="mid:8bfffecb-e28c-410e-cfe5-0eff879dd4b4@redhat.com">On 6/29/20 11:01 AM, Paul O'Rorke wrote: <br> <blockquote type="cite">Hi all, <br> <br> I couldn't find any documentation on this, hopefully someone can point me in the right direction. <br> <br> I recently set up a sand-boxed environment for our developers. There are domain controller(s), workstations and servers in there. The whole thing is running on a single host using a "Virtual Network" defined in virt-manager on that host. <br> <br> Now I find I want to add more guests and there are not enough resources on this one host. Can I somehow make this Virtual Network available to two hosts? I do not want to move to a bridged network and have to physically join the two hosts with a discrete link when they are already on the same subnet at the host level. <br> <br> Is that possible? <br> </blockquote> <br> You might be able to this using OpenvSwitch (iow "probably can, but I don't know the details" :-)) but libvirt doesn't have anything to set it up for you; you would need to create and configure the OVS switch outside of libvirt, then attach the libvirt guests to that switch (using "<interface type='bridge'> ... <virtualport type='openvswitch'> ...") <br> <br> I've idly thought about having this as a libvirt feature over the years, but as I never have that many guests, it was never a personal priority, and it wasn't immediately clear what was the best way to handle, e.g. DHCP, and routing to the outside. Definitely "patches are welcome" though :-) <br> <br> </blockquote> </body> </html> --------------1B349411C2B3B295A9B82E2F--
On 6/29/20 12:43 PM, Paul O'Rorke wrote:> Thanks Laine, > > I will take a look at Open vSwitch, it looks interesting. > > I am a generalist, I need to know enough about a lot of things to get > many different tasks done, but do not have the in depth knowledge > required to "patch" anything. If I manage to wrangle a working solution > should I post it?Even a list of the steps you took to implement it manuall external to libvirt would be useful. Maybe that would inspire someone else to add support in libvirt virtual networks. We used to put stuff like that in the wiki, but I think the preferred location has changed / is changing and I'm not sure at the moment what the new norm is.> > Needless to say I would be supportive of said feature being implemented > by those more competent than I... > > Jocularity aside, thanks for the heads up on Open vSwitch. > > *Paul O'Rorke* > > > On 2020-06-29 9:13 a.m., Laine Stump wrote: >> On 6/29/20 11:01 AM, Paul O'Rorke wrote: >>> Hi all, >>> >>> I couldn't find any documentation on this, hopefully someone can >>> point me in the right direction. >>> >>> I recently set up a sand-boxed environment for our developers. There >>> are domain controller(s), workstations and servers in there. The >>> whole thing is running on a single host using a "Virtual Network" >>> defined in virt-manager on that host. >>> >>> Now I find I want to add more guests and there are not enough >>> resources on this one host. Can I somehow make this Virtual Network >>> available to two hosts? I do not want to move to a bridged network >>> and have to physically join the two hosts with a discrete link when >>> they are already on the same subnet at the host level. >>> >>> Is that possible? >> >> You might be able to this using OpenvSwitch (iow "probably can, but I >> don't know the details" :-)) but libvirt doesn't have anything to set >> it up for you; you would need to create and configure the OVS switch >> outside of libvirt, then attach the libvirt guests to that switch >> (using "<interface type='bridge'> ... <virtualport type='openvswitch'> >> ...") >> >> I've idly thought about having this as a libvirt feature over the >> years, but as I never have that many guests, it was never a personal >> priority, and it wasn't immediately clear what was the best way to >> handle, e.g. DHCP, and routing to the outside. Definitely "patches are >> welcome" though :-) >>
Paul, if you can set up a VLAN on your network infrastructure between the two hosts, I'll share the recipe I use with Open VSwitch. We trunk a VLAN between our hosts for sandboxed guests, setting up a OVS bridge on each host that handles guests but also has a connection onto the VLAN. Are you using any configuration tool? I've got this in Puppet but should be able to convert to a shell script. Cheers, - Peter On Mon, 29 Jun 2020 at 17:45, Paul O'Rorke <paul@tracker-software.com> wrote:> Thanks Laine, > > I will take a look at Open vSwitch, it looks interesting. > > I am a generalist, I need to know enough about a lot of things to get many > different tasks done, but do not have the in depth knowledge required to > "patch" anything. If I manage to wrangle a working solution should I post > it? > > Needless to say I would be supportive of said feature being implemented by > those more competent than I... > > Jocularity aside, thanks for the heads up on Open vSwitch. > > *Paul O'Rorke* > > > On 2020-06-29 9:13 a.m., Laine Stump wrote: > > On 6/29/20 11:01 AM, Paul O'Rorke wrote: > > Hi all, > > I couldn't find any documentation on this, hopefully someone can point me > in the right direction. > > I recently set up a sand-boxed environment for our developers. There are > domain controller(s), workstations and servers in there. The whole thing > is running on a single host using a "Virtual Network" defined in > virt-manager on that host. > > Now I find I want to add more guests and there are not enough resources on > this one host. Can I somehow make this Virtual Network available to two > hosts? I do not want to move to a bridged network and have to physically > join the two hosts with a discrete link when they are already on the same > subnet at the host level. > > Is that possible? > > > You might be able to this using OpenvSwitch (iow "probably can, but I > don't know the details" :-)) but libvirt doesn't have anything to set it up > for you; you would need to create and configure the OVS switch outside of > libvirt, then attach the libvirt guests to that switch (using "<interface > type='bridge'> ... <virtualport type='openvswitch'> ...") > > I've idly thought about having this as a libvirt feature over the years, > but as I never have that many guests, it was never a personal priority, and > it wasn't immediately clear what was the best way to handle, e.g. DHCP, and > routing to the outside. Definitely "patches are welcome" though :-) > >
Thanks Laine, I got another suggestion, off list, about using vxlans that I will also look into. I would be more than happy to post what I eventually decide to use for production. regards *Paul O'Rorke* On 2020-06-29 12:46 p.m., Laine Stump wrote:> On 6/29/20 12:43 PM, Paul O'Rorke wrote: >> Thanks Laine, >> >> I will take a look at Open vSwitch, it looks interesting. >> >> I am a generalist, I need to know enough about a lot of things to get >> many different tasks done, but do not have the in depth knowledge >> required to "patch" anything. If I manage to wrangle a working >> solution should I post it? > > Even a list of the steps you took to implement it manuall external to > libvirt would be useful. Maybe that would inspire someone else to add > support in libvirt virtual networks. We used to put stuff like that in > the wiki, but I think the preferred location has changed / is changing > and I'm not sure at the moment what the new norm is. > >> >> Needless to say I would be supportive of said feature being >> implemented by those more competent than I... >> >> Jocularity aside, thanks for the heads up on Open vSwitch. >> >> *Paul O'Rorke* >> >> >> On 2020-06-29 9:13 a.m., Laine Stump wrote: >>> On 6/29/20 11:01 AM, Paul O'Rorke wrote: >>>> Hi all, >>>> >>>> I couldn't find any documentation on this, hopefully someone can >>>> point me in the right direction. >>>> >>>> I recently set up a sand-boxed environment for our developers. >>>> There are domain controller(s), workstations and servers in there. >>>> The whole thing is running on a single host using a "Virtual >>>> Network" defined in virt-manager on that host. >>>> >>>> Now I find I want to add more guests and there are not enough >>>> resources on this one host. Can I somehow make this Virtual >>>> Network available to two hosts? I do not want to move to a bridged >>>> network and have to physically join the two hosts with a discrete >>>> link when they are already on the same subnet at the host level. >>>> >>>> Is that possible? >>> >>> You might be able to this using OpenvSwitch (iow "probably can, but >>> I don't know the details" :-)) but libvirt doesn't have anything to >>> set it up for you; you would need to create and configure the OVS >>> switch outside of libvirt, then attach the libvirt guests to that >>> switch (using "<interface type='bridge'> ... <virtualport >>> type='openvswitch'> ...") >>> >>> I've idly thought about having this as a libvirt feature over the >>> years, but as I never have that many guests, it was never a personal >>> priority, and it wasn't immediately clear what was the best way to >>> handle, e.g. DHCP, and routing to the outside. Definitely "patches >>> are welcome" though :-) >>> >--------------EC1312CCB45F0B05622B4107 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: 8bit <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> </head> <body> <p>Thanks Laine,</p> <p>I got another suggestion, off list, about using vxlans that I will also look into. <br> </p> <p>I would be more than happy to post what I eventually decide to use for production.</p> <p>regards</p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title></title> <p><b>Paul O'Rorke</b><br> <br> </p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> </div> <div class="moz-cite-prefix">On 2020-06-29 12:46 p.m., Laine Stump wrote:<br> </div> <blockquote type="cite" cite="mid:c06d6ed7-0d0c-4a5f-744d-3bcc81b96d83@redhat.com">On 6/29/20 12:43 PM, Paul O'Rorke wrote: <br> <blockquote type="cite">Thanks Laine, <br> <br> I will take a look at Open vSwitch, it looks interesting. <br> <br> I am a generalist, I need to know enough about a lot of things to get many different tasks done, but do not have the in depth knowledge required to "patch" anything. If I manage to wrangle a working solution should I post it? <br> </blockquote> <br> Even a list of the steps you took to implement it manuall external to libvirt would be useful. Maybe that would inspire someone else to add support in libvirt virtual networks. We used to put stuff like that in the wiki, but I think the preferred location has changed / is changing and I'm not sure at the moment what the new norm is. <br> <br> <blockquote type="cite"> <br> Needless to say I would be supportive of said feature being implemented by those more competent than I... <br> <br> Jocularity aside, thanks for the heads up on Open vSwitch. <br> <br> *Paul O'Rorke* <br> <br> <br> On 2020-06-29 9:13 a.m., Laine Stump wrote: <br> <blockquote type="cite">On 6/29/20 11:01 AM, Paul O'Rorke wrote: <br> <blockquote type="cite">Hi all, <br> <br> I couldn't find any documentation on this, hopefully someone can point me in the right direction. <br> <br> I recently set up a sand-boxed environment for our developers. There are domain controller(s), workstations and servers in there. The whole thing is running on a single host using a "Virtual Network" defined in virt-manager on that host. <br> <br> Now I find I want to add more guests and there are not enough resources on this one host. Can I somehow make this Virtual Network available to two hosts? I do not want to move to a bridged network and have to physically join the two hosts with a discrete link when they are already on the same subnet at the host level. <br> <br> Is that possible? <br> </blockquote> <br> You might be able to this using OpenvSwitch (iow "probably can, but I don't know the details" :-)) but libvirt doesn't have anything to set it up for you; you would need to create and configure the OVS switch outside of libvirt, then attach the libvirt guests to that switch (using "<interface type='bridge'> ... <virtualport type='openvswitch'> ...") <br> <br> I've idly thought about having this as a libvirt feature over the years, but as I never have that many guests, it was never a personal priority, and it wasn't immediately clear what was the best way to handle, e.g. DHCP, and routing to the outside. Definitely "patches are welcome" though :-) <br> <br> </blockquote> </blockquote> <br> </blockquote> </body> </html> --------------EC1312CCB45F0B05622B4107--
Hi Peter, I had not anticipated this much response. I do have VLANs on my switch(s). We are a modest operation and I configure without the use of any config tool as such. I would love to see your configuration, even if for Puppet, I expect it will be informative/helpful! Thanks for the offer. *Paul O'Rorke*/ <http://www.tracker-software.com/downloads/> On 2020-06-29 1:01 p.m., Peter Crowther wrote:> Paul, if you can set up a VLAN on your network infrastructure between > the two hosts, I'll share the recipe I use with Open VSwitch. We > trunk a VLAN between our hosts for sandboxed guests, setting up a OVS > bridge on each host that handles guests but also has a connection onto > the VLAN. Are you using any configuration tool? I've got this in > Puppet but should be able to convert to a shell script. > > Cheers, > > - Peter > > On Mon, 29 Jun 2020 at 17:45, Paul O'Rorke <paul@tracker-software.com > <mailto:paul@tracker-software.com>> wrote: > > Thanks Laine, > > I will take a look at Open vSwitch, it looks interesting. > > I am a generalist, I need to know enough about a lot of things to > get many different tasks done, but do not have the in depth > knowledge required to "patch" anything. If I manage to wrangle a > working solution should I post it? > > Needless to say I would be supportive of said feature being > implemented by those more competent than I... > > Jocularity aside, thanks for the heads up on Open vSwitch. > > *Paul O'Rorke* > > > On 2020-06-29 9:13 a.m., Laine Stump wrote: >> On 6/29/20 11:01 AM, Paul O'Rorke wrote: >>> Hi all, >>> >>> I couldn't find any documentation on this, hopefully someone can >>> point me in the right direction. >>> >>> I recently set up a sand-boxed environment for our developers. >>> There are domain controller(s), workstations and servers in >>> there. The whole thing is running on a single host using a >>> "Virtual Network" defined in virt-manager on that host. >>> >>> Now I find I want to add more guests and there are not enough >>> resources on this one host. Can I somehow make this Virtual >>> Network available to two hosts? I do not want to move to a >>> bridged network and have to physically join the two hosts with a >>> discrete link when they are already on the same subnet at the >>> host level. >>> >>> Is that possible? >> >> You might be able to this using OpenvSwitch (iow "probably can, >> but I don't know the details" :-)) but libvirt doesn't have >> anything to set it up for you; you would need to create and >> configure the OVS switch outside of libvirt, then attach the >> libvirt guests to that switch (using "<interface type='bridge'> >> ... <virtualport type='openvswitch'> ...") >> >> I've idly thought about having this as a libvirt feature over the >> years, but as I never have that many guests, it was never a >> personal priority, and it wasn't immediately clear what was the >> best way to handle, e.g. DHCP, and routing to the outside. >> Definitely "patches are welcome" though :-) >>--------------75E375362848896564613326 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: 8bit <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> </head> <body> <p>Hi Peter,</p> <p>I had not anticipated this much response. I do have VLANs on my switch(s). We are a modest operation and I configure without the use of any config tool as such. <br> </p> <p>I would love to see your configuration, even if for Puppet, I expect it will be informative/helpful!</p> <p>Thanks for the offer.<br> </p> <div class="moz-signature"> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title></title> <p><b>Paul O'Rorke</b><a href="http://www.tracker-software.com/downloads/">/</a></p> <p><br> <br> </p> <p style="margin-bottom: 0cm; line-height: 100%"><br> </p> </div> <div class="moz-cite-prefix">On 2020-06-29 1:01 p.m., Peter Crowther wrote:<br> </div> <blockquote type="cite" cite="mid:CALhdq6sGOX69BW=1MNLb54O0+4cTUONom--zDU+r_L3S=kac6w@mail.gmail.com"> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <div dir="ltr"> <div>Paul, if you can set up a VLAN on your network infrastructure between the two hosts, I'll share the recipe I use with Open VSwitch. We trunk a VLAN between our hosts for sandboxed guests, setting up a OVS bridge on each host that handles guests but also has a connection onto the VLAN. Are you using any configuration tool? I've got this in Puppet but should be able to convert to a shell script.</div> <div><br> </div> <div>Cheers,</div> <div><br> </div> <div>- Peter<br> </div> </div> <br> <div class="gmail_quote"> <div dir="ltr" class="gmail_attr">On Mon, 29 Jun 2020 at 17:45, Paul O'Rorke <<a href="mailto:paul@tracker-software.com" moz-do-not-send="true">paul@tracker-software.com</a>> wrote:<br> </div> <blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"> <div> <p>Thanks Laine,</p> <p>I will take a look at Open vSwitch, it looks interesting.</p> <p>I am a generalist, I need to know enough about a lot of things to get many different tasks done, but do not have the in depth knowledge required to "patch" anything. If I manage to wrangle a working solution should I post it?</p> <p>Needless to say I would be supportive of said feature being implemented by those more competent than I...<br> </p> <p>Jocularity aside, thanks for the heads up on Open vSwitch.<br> </p> <div> <p><b>Paul O'Rorke</b><br> <br> </p> <p style="margin-bottom:0cm;line-height:100%"><br> </p> </div> <div>On 2020-06-29 9:13 a.m., Laine Stump wrote:<br> </div> <blockquote type="cite">On 6/29/20 11:01 AM, Paul O'Rorke wrote: <br> <blockquote type="cite">Hi all, <br> <br> I couldn't find any documentation on this, hopefully someone can point me in the right direction. <br> <br> I recently set up a sand-boxed environment for our developers. There are domain controller(s), workstations and servers in there. The whole thing is running on a single host using a "Virtual Network" defined in virt-manager on that host. <br> <br> Now I find I want to add more guests and there are not enough resources on this one host. Can I somehow make this Virtual Network available to two hosts? I do not want to move to a bridged network and have to physically join the two hosts with a discrete link when they are already on the same subnet at the host level. <br> <br> Is that possible? <br> </blockquote> <br> You might be able to this using OpenvSwitch (iow "probably can, but I don't know the details" :-)) but libvirt doesn't have anything to set it up for you; you would need to create and configure the OVS switch outside of libvirt, then attach the libvirt guests to that switch (using "<interface type='bridge'> ... <virtualport type='openvswitch'> ...") <br> <br> I've idly thought about having this as a libvirt feature over the years, but as I never have that many guests, it was never a personal priority, and it wasn't immediately clear what was the best way to handle, e.g. DHCP, and routing to the outside. Definitely "patches are welcome" though :-) <br> <br> </blockquote> </div> </blockquote> </div> </blockquote> </body> </html> --------------75E375362848896564613326--