OpenVz Eth0

13 juillet 2013Christian ValléeOpenVz

Comment utiliser Eth0 au lieu de Venet0 dans une machine virtuelle

Sur la machine physique:

On ajoute l’interface eth0 sur la vm:

export VEID=999
vzctl set $VEID –netif_add eth0 –save

On configure le forwarding entre les interfaces

echo 1 > /proc/sys/net/ipv4/conf/veth$VEID.0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/veth$VEID.0/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/eth0/forwarding
echo 1 > /proc/sys/net/ipv4/conf/eth0/proxy_arp

Sur la machine Virtuelle:

/sbin/ifconfig eth0 0
/sbin/ip addr add a.b.c.d dev eth0
ifdown venet0:0
ifdown venet0
/sbin/ip route add default dev eth0

De retour sur la machine physique

route del a.b.c.d
ip route add a.b.c.d dev veth$VEID.0

Pour des changements permanents

sur la machine physique:

Making a veth-device persistent

At the moment, it is not possible to have the commands needed for a persistent veth being made automatically be vzctl. A bugreport (http://bugzilla.openvz.org/show_bug.cgi?id=301 ) has already been made. Until then, here’s a way to make the above steps persistent.

1. First, edit the VE’s configuration to specify what the veth’s IP address(es) should be, and to indicate that a custom script should be run when starting up a VE.

Open up /etc/vz/conf/VEID.conf
Comment out any IP_ADDRESS entries to prevent a VENET-device from being created in the VE
Add or change the entry CONFIG_CUSTOMIZED=”yes”
Add an entry VETH_IP_ADDRESS=”<VE IP>” The VE IP can have multiple IPs, separated by spaces

Ne pas oublier qu’il faut la definition de eth0 dans:

/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
HWADDR=00:aa:bb:cc:dd:ee
IPV6INIT=no
IPV6_AUTOCONF=no
BOOTPROTO=static
IPADDR=a.b.c.d
NETMASK=255.255.255.255
ONBOOT=yes
PEERDNS=no
USERCTL=no

/etc/sysconfig/network

NETWORKING=”yes”
GATEWAYDEV=”eth0″
NETWORKING_IPV6=”no”
IPV6_DEFAULTDEV=”venet0″
HOSTNAME=”host”

2. Now to create that “custom script”. The following helper script will check the configuration file for IP addresses and for the veth interface, and configure the IP routing accordingly. Create the script /usr/sbin/vznetaddroute to have the following, and then chmod 0500 /usr/sbin/vznetaddrouteto make it executable.

/usr/sbin/vznetaddroute

#!/bin/bash
# /usr/sbin/vznetaddroute
# a script to bring up virtual network interfaces (veth’s) in a VECONFIGFILE=/etc/vz/conf/$VEID.conf
. $CONFIGFILE
VZHOSTIF=`echo $NETIF |sed ‘s/^.*host_ifname=$.*$,.*$/\1/g’`

if [ $CONFIG_CUSTOMIZED = “no” ]; then
echo “Customized = $CONFIG_CUSTOMIZED”
exit 0
fi

if [ ! -n “$VETH_IP_ADDRESS” ]; then
echo “According to $CONFIGFILE VE$VEID has no veth IPs configured.”
exit 1
fi

if [ ! -n “$VZHOSTIF” ]; then
echo “According to $CONFIGFILE VE$VEID has no veth interface configured.”
exit 1
fi

for IP in $VETH_IP_ADDRESS; do
echo “Adding interface $VZHOSTIF and route $IP for VE$VEID to CT0”
/sbin/ifconfig $VZHOSTIF 0
echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/proxy_arp
echo 1 > /proc/sys/net/ipv4/conf/$VZHOSTIF/forwarding
/sbin/ip route add $IP dev $VZHOSTIF
done

exit 0

3. Now create /etc/vz/vznet.conf containing the following. This is what defines the "custom script” as being the vznetaddroute which you just created.

/etc/vz/vznet.conf

#!/bin/bash
EXTERNAL_SCRIPT=”/usr/sbin/vznetaddroute”

4. Of course, the VE’s operating system will need to be configured with those IP address(es) as well. Consult the manual for your VE’s OS for details.

That’s it! At this point, when you restart the VE you should see a new line in the output, indicating that the interface is being configured and a new route being added. And you should be able to ping the host, and to enter the VE and use the network.