OpenVZ Virtuozzo Containers Wiki β

Changes

Using private IPs for Hardware Nodes

1,082 bytes added, 21:39, 12 September 2016
use template:legacy
{{Legacy}}
 
This article describes how to assign public IPs to containers running on OVZ Hardware Nodes when you have the following network topology:
[[Image:PrivateIPs_fig1.gif|An initial network topology]]
 
== Using a spare IP in the same range ==
If you have a spare IP, you can assign it to a subinterface and use it as the nameserver:
 
<pre>[HN] ifconfig eth0:1 *.*.*.*
[HN] vzctl set 101 --nameserver *.*.*.*</pre>
== Prerequisites ==
=== Hardware Node configuration ===
 
{{Warning|If you are '''configuring''' the node '''remotely''', you '''must''' put the commands below in a '''script''' and run it in the background with its output redirected, or you will '''lose access''' to the Node.}}
==== Create a bridge device ====
<pre>[HN]# ip route add default via 10.0.0.1 dev br0</pre>
{{Warning|If you are '''configuring''' the node '''remotely''', you '''must''' put the commands above in a '''script''' and run it in the background with its output redirected, or you will '''lose access''' to the Node.}}
==== A script example ====
==== Edit the container's configuration ====
Add these parameters to the <code>/etc/vz/conf/$CTID.conf</code> file; they are used during the network configuration:
* Add/change <code>CONFIG_CUSTOMIZED="yes"</code> (indicates that a custom script should be run on a container start)
* Add <code>VETH_IP_ADDRESS="IP/MASK"</code> (a container can have multiple IPs separated by spaces)
* Add <code>VE_DEFAULT_GATEWAY="CT DEFAULT GATEWAY"</code>
* Add <code>BRIDGEDEV="BRIDGE NAME"</code> (a bridge name to which the container veth interface should be added)
An example:
<pre>
# Network customization section
CONFIG_CUSTOMIZED="yes"
VETH_IP_ADDRESS="85.86.87.195/26"
VE_DEFAULT_GATEWAY="85.86.87.193"
for str in $NETIF_OPTIONS; do
# getting 'ifname' parameter value
if [[ "$str" =~ ^ifname= ]]; then
# remove the parameter name from the string (along with '=')
CTIFNAME=${str#*=};
fi
# getting 'host_ifname' parameter value
if [[ "$str" =~ ^host_ifname= ]]; then
# remove the parameter name from the string (along with '=')
VZHOSTIF=${str#*=};
IP_STRIP=${IP%%/*};
echo "Adding a route from CT0 to CT$VEID using $IP_STRIP."
$ip route add $IP_STRIP dev $CTROUTEDEV
done
exit 0
</pre>
<p><small>Note: this script can be easily extended to work for multiple triples &lt;bridge, ip address, veth device&gt;, see http://viresosysadmin-ivanov.blogspot.com/2008/02/2-veth-with-2-brindgesbridges-on-openvz-at.html </small></p>
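A pre-flight check for the <code>VETH_IP_ADDRESS</code>, <code>VE_DEFAULT_GATEWAY</code> and <code>BRIDGEDEV</code> values described above, as an added example that is not part of the original wiki page or of OpenVZ's own scripts. It rejects malformed values before a script running on the Hardware Node passes them to <code>ip</code>. The function names, and the rule that the gateway must lie inside one of the container's subnets, are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helper names): sanity-check the custom veth
# parameters from /etc/vz/conf/$CTID.conf before they reach `ip route`.

# Print a dotted-quad IPv4 address as an integer; fail if it is malformed.
ip4_to_int() (
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    IFS=.; set -f; set -- $1
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # no leading zeros (would be read as octal), at most 3 digits
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    echo "$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))"
)

# Succeed if address $1 lies inside the network of $2 (IP/MASK notation).
in_cidr() (
    addr=$(ip4_to_int "$1") || return 1
    net=$(ip4_to_int "${2%%/*}") || return 1
    bits=${2#*/}
    case "$bits" in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ "$(( addr & mask ))" -eq "$(( net & mask ))" ]
)

# $1 = VETH_IP_ADDRESS, $2 = VE_DEFAULT_GATEWAY, $3 = BRIDGEDEV
validate_veth_config() (
    set -f                      # no glob expansion while splitting $1
    [ -n "$1" ] || return 1
    # interface name: 1-15 characters, no shell or path metacharacters
    case "$3" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac
    [ "${#3}" -le 15 ] || return 1
    gw_ok=1
    for cidr in $1; do
        in_cidr "${cidr%%/*}" "$cidr" || return 1   # entry is a valid IP/MASK
        in_cidr "$2" "$cidr" && gw_ok=0             # gateway is on-link here
    done
    return "$gw_ok"             # assumed policy: gateway in at least one subnet
)

# Sample call using the addresses and bridge name that appear on this page.
validate_veth_config "85.86.87.195/26" "85.86.87.193" "br0" && echo "config ok"
```
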
==== Make the script run on container start ====
{{Note|<code>/usr/sbin/vznetcfg.custom</code> should be executable (chmod +x /usr/sbin/vznetcfg.custom)}}
 
{{Note|When a CT is stopped, the HW → CT route(s) are still present in the routing table. An on-umount script can be used to solve this.}}
 
==== Create an on-umount script to remove HW → CT route(s) ====
The script is called each time the container with the given VEID (<code>/etc/vz/conf/$VEID.umount</code>), or any container (<code>/etc/vz/conf/vps.umount</code>), is stopped.
 
<pre>
#!/bin/bash
# /etc/vz/conf/$VEID.umount or /etc/vz/conf/vps.umount
# a script to remove routes to container with veth-bridge from bridge

CTCONFIGFILE=/etc/vz/conf/$VEID.conf
ip=/sbin/ip
# load VETH_IP_ADDRESS and BRIDGEDEV from the container's configuration
. "$CTCONFIGFILE"

# nothing to do unless the container has custom veth addresses
if [ -z "$VETH_IP_ADDRESS" ]; then
    exit 0
fi

# nothing to do unless the container is attached to a bridge
if [ -z "$BRIDGEDEV" ]; then
    exit 0
fi

for IP in $VETH_IP_ADDRESS; do
    # removing the netmask
    IP_STRIP=${IP%%/*}
    echo "Remove a route from CT0 to CT$VEID using $IP_STRIP."
    "$ip" route del "$IP_STRIP" dev "$BRIDGEDEV"
done

exit 0
</pre>
 
{{Note|The script should be executable (chmod +x /etc/vz/conf/vps.umount)}}
==== Setting the route CT → HN ====