Using private IPs for Hardware Nodes

From OpenVZ Virtuozzo Containers Wiki
Revision as of 08:22, 17 July 2007 by Finist (talk | contribs) (Add a veth interface to the VE)
Jump to: navigation, search

This article describes how to assign public IPs to VEs running on OVZ Hardware Nodes in case you have a following network topology: An initial network topology

Prerequisites

This article assumes you have already installed OpenVZ, prepared the OS template cache(s) and have VE(s) created. If not, follow the links to perform the steps needed.

Yellowpin.svg Note: don't assign an IP after VE creation.


(1) An OVZ Hardware Node has the only one ethernet interface

(assume eth0)

Hardware Node configuration

Create a bridge device

[HN]# brctl addbr br0

Remove an IP from eth0 interface

[HN]# ifconfig eth0 0

Add eth0 interface into the bridge

[HN]# brctl addif br0 eth0

Assign the IP to the bridge

(the same that was assigned on eth0 earlier) 

[HN]# ifconfig br0 10.0.0.2/24

Resurrect the default routing

[HN]# ip route add default via 10.0.0.1 dev br0
Yellowpin.svg Note: if you are configuring the node remotely you must prepare a script with the above commands and run it in background with the redirected output or you'll lose the access to the Node.

A script example

[HN]# cat /tmp/br_add 
#!/bin/bash

brctl addbr br0
ifconfig eth0 0 
brctl addif br0 eth0 
ifconfig br0 10.0.0.2/24 
ip route add default via 10.0.0.1 dev br0

[HN]# /tmp/br_add >/dev/null 2>&1 &


VE configuration

Start a VE

[HN]# vzctl start 101

Add a veth interface to the VE

[HN]# vzctl set 101 --netif_add eth0 --save

Set up an IP to the newly created VE's veth interface

[HN]# vzctl exec 101 ifconfig eth0 85.86.87.194/26

Set up the default route for the VE

[HN]# vzctl exec 101 ip route change default via 85.86.87.192 dev eth0

Add the VE's veth interface to the bridge

[HN]# brctl addif br0 veth101.0

(Optional) Make HN(s) to be accessible from a VE

The configuration above provides following connections available: 

VE X <-> VE Y (where VE X and VE Y can locate on any OVZ HN)
VE   <-> Internet
HN    -> VE

If you really need a VE to have an access to the HN(s) add an additional route rule: 

[HN]# vzctl exec 101 ip route add 10.0.0.0/24 dev eth0

The resulted OVZ Node configuration

The resulted OVZ Node configuration

Making the configuration persistent (TODO)

A Hardware Node configuration can be done with help of ordinary initscripts configuration i suppose,
while VEs configuration will require creating additional script based on Making a veth-device persistent scheme.

(2) An OVZ Hardware Node has two ethernet interfaces (TODO)

(assume eth0 and eth1)

Retrieved from "https://wiki.openvz.org/index.php?title=Using_private_IPs_for_Hardware_Nodes&oldid=3318"