[libvirt] [PATCH] lxc: support <interface type='ethernet'>

Vasiliy Tolstov v.tolstov at selfip.ru
Wed May 25 15:13:15 UTC 2016 

2016-05-25 18:00 GMT+03:00 Laine Stump <laine at laine.org>:
> So $VM_GW is on the same subnet as $VM_IP/24 ? Is that also the same subnet
> as $HOST_IP? Or is that on a completely different network?
>
> (This is all very useful, because it's pointing out that the config of the
> two ends definitely aren't mirror images, so we really do need independent
> settings for both).
>

VM_GW on the same subnet as PEER , but on host side i apply /32
address, but inside vm /24.

>
>>
>> peer only used on host machine to determine on which interface kernel
>> needs to send traffic
>
>
> Well, you *could* do the same thing with a /30 subnet for each tap (so that
> your routing daemon would get a bunch of /30 routes pointing to your host
> for all of them), but that would use up a lot more address space.
>
>>
>>> (I'm not sure what the guest does with 169.254.169.254)
>>>
>>> What if you instead set the host to:
>>>
>>>          $HOST_IP peer $VM_IP/32
>>>
>>> and set the guest to:
>>>
>>>          $VM_IP peer $HOST_IP/32
>>>          route add default $HOST_IP
>>>
>>> ??
>>>
>> I don't use this scheme... If i set $VM_IP peer $HOST_IP/32 on host
>> machine i think kernel recieves packet and drop it =)
>
>
> No - you would set that on the *guest*, not the host. I setup an LXC
> container in this manner and everything seemed to work properly.
>

May be, but in case of qemu i use simple dhcp server and on vm simple
dhcp client. It can't assign peer addresses, may be this is works. I
don't try.
In my setup guest vm does not know host side of network, so it does
not need know about peer... Also i can live migrate guest without
changing....
(Changes only host side of network)


>
>>
>>> Anyway, it's important to know if you set the IP config on host and guest
>>> to
>>> exact mirrors of each other. It seems like the answer is "no", though, so
>>> i'm going to make a patch that allows what I was talking about last week:
>>>
>>>
>>>         <interface type='ethernet'>
>>>            <source>
>>>              <ip address='HOST_IP' family='ipv4' peer='VM_IP'
>>> prefix='32'/>
>>>              <ip address='VM_GW' family='ipv4' prefix='32'/>
>>>            </source>
>>>            <ip address='VM_IP' family='ipv4' peer='HOST_IP' prefix='24'/>
>>>            <route family='ipv4' address='0.0.0.0' gateway='HOST_IP'/>
>>>            ...
>>>        </interface>
>>>
>>> On qemu only the address info inside <source> would be used, since we
>>> don't
>>> have control over the guest's network config. On LXC, we can set both.
>>>
>>> Does that sound usable?
>>
>> Yes, but don't cleanup please  <ip address='VM_IP' family='ipv4'
>> peer='HOST_IP' prefix='24'/> in qemu case, because on somedays we can
>> launch dnsmasq or orhet software that can provide dhcp and use this
>> element..
>
>
> An interesting point - even if libvirt itself doesn't launch the dnsmasq, it
> could be done by a more intelligent script (one that received the full
> interface XML on stdin, as I discussed in my last mail), so we should
> probably just ignore it rather than complaining that it's unsupported...
>
> Thanks for the info!

Yes, i handmade my own dhcp server on golang what listens libvirt
hooks and serves needed addresses for needed tap devices.
So i have only one daemon that have stateless config (it get it via
libvirt xml). So i don't need database or something else.


-- 
Vasiliy Tolstov,
e-mail: v.tolstov at yoctocloud.net

More information about the libvir-list mailing list