[libvirt] networking with two hosts
Radek Hladik
radek at eadresa.cz
Wed Feb 25 22:28:37 UTC 2009
Andreas Rittershofer napsal(a):
>
> Am 25.02.2009 um 00:11 schrieb David Lutterkort:
>
>> On Tue, 2009-02-24 at 14:25 +0100, Andreas Rittershofer wrote:
>>> Task 1.) Each VM must have network access to each other VM and to the
>>> outside.
>>> Task 2.) When one host fails, all VMs are running on the remainig host
>>> and 1.) must still be fulfilled.
>>>
>>> Does somebody has any hints about realising this scenario with libvirt
>>> and KVM?
>>
>> What you want is a 'shared network interface'[1]
>>
>> David
>>
>> [1]
>> http://wiki.libvirt.org/page/Networking#Bridged_networking_.28aka_.22shared_physical_device.22.29
>>
>>
>>
>
> Thank you for this answer - but it is too short.
>
> I'm working since two days on this problem but I cannot solve it until now.
>
> Some configurations are working when the VMs are on different nodes but
> are failing when all machines are running on one node and vice versa.
>
> Can you please go in more details?
>
> mfg ar
>
Basically the idea is like this. You have your hosts on one ethernet
segment. You create bridge on each hosts and put hosts physical adapter
into it (lets call the bridges BrA and BrB). The bridge behaves like a
virtual ethernet switch. You should configure IP on the bridge not on
the physical interface itself. And now if you add any other adapter into
the bridge, it will act as if it is directly on the ethernet. This has
been used for bridging two or more ethernet segments into one for a long
time.
If you setup your VMs correctly (see the wiki page for details),
libivirt will create hosts virtual adapter and add it to the bridge. For
example for VM1 running on A it will create i.e. vnet1 and add it to the
bridge BrA. The virtualized interface in the VM1 will have direct access
to the ethernet segment. It can have IP address from the same range as
the hosts, etc...
If the host A fails, then VM1 and VM2 will be down but the VM3 and VM4
wont be affected (besides they can not communicate with VM1 or VM2 of
course). However if you (live) migrate i.e. VM1 from A to B, its network
interface will be removed from BrA, destroyed, brought up on B and
inserted into BrB with the same MAC address. It will also send ARP
packet for all switches to update new location of that MAC address.
This can be done with very shot downtime and network operations
continues on new host without interruption.
Do not forget to setup firewall on hosts as it is described in wiki page.
Radek
More information about the libvir-list
mailing list