Managing Virtual Networks 2.2

A cluster node is connected to one or more networks that are available to the virtual machines through the corresponding bridges. To set up a virtual networks you just need to know the name of the bridge to bind the virtual machines to.

In this guide you'll learn how to define and use virtual networks. For the sake of completeness the following examples assumes that the cluster nodes are attached to two physical networks:

  • A private network, through the virtual bridge vbr0
  • A network with Internet connectivity, through vbr1

Defining a Virtual Network

OpenNebula allows for the creation of Virtual Networks by mapping them on top of the physical ones. All Virtual Networks are going to share a default value for the MAC preffix, set in the oned.conf file.

There are two types of Virtual Networks in OpenNebula:

  • Fixed, defines a fixed set of IP-MAC pair addresses
  • Ranged, defines a class network.

:!: Please note that any arbitrary value can be set in the Virtual Network template, and then used in the contextulization section of the VM. For instance, NETWORK_GATEWAY=“x.x.x.x” might be used to define the Virtual Network, and then used in the context section of the VM to configure its network to connect through the GATEWAY.

Fixed Virtual Networks

A fixed network consists of a set of IP addresses and associated MACs, defined in a text file.

We need four pieces of information to define a fixed VN:

  • NAME: Name of the Virtual Network.
  • PUBLIC: Public scope of the image. YES, the Virtual Network can be used by any user. NO, the Virtual Network can only be used by his owner. If omitted, the default value is NO.
  • TYPE: Fixed, in this case.
  • BRIDGE: Name of the physical bridge in the physical host where the VM should connect its network interface.
  • LEASES: Definition of the IP-MAC pairs. If an IP is defined, and there is no associated MAC, OpenNebula will generate it using the following rule: MAC = MAC_PREFFIX:IP. So, for example, from IP 10.0.0.1 and MAC_PREFFIX 00:16, we get 00:16:0a:00:00:01. Defining only a MAC address with no associated IP is not allowed.

For example to create a Fixed Virtual Network, called Public with the set of public IPs to be used by the VMs, just create a file with the following contents:

NAME = "Public"
TYPE = FIXED

#We have to bind this network to ''virbr1'' for Internet Access
BRIDGE = vbr1

LEASES = [IP=130.10.0.1, MAC=50:20:20:20:20:20]
LEASES = [IP=130.10.0.2, MAC=50:20:20:20:20:21]
LEASES = [IP=130.10.0.3]
LEASES = [IP=130.10.0.4]

#Custom Attributes to be used in Context
GATEWAY = 130.10.0.1
DNS     = 130.10.0.1

LOAD_BALANCER = 130.10.0.4

Ranged Virtual Networks

This type of VNs allows for a definition supported by a base network address and a size. So we need to define:

  • NAME: Name of the Virtual Network.
  • PUBLIC: Public scope of the image. YES, the Virtual Network can be used by any user. NO, the Virtual Network can only be used by his owner. If omitted, the default value is NO.
  • TYPE: Ranged, in this case.
  • BRIDGE: Name of the physical bridge.
  • NETWORK_ADDRESS: Base network address to generate IP addresses.
  • NETWORK_SIZE: Number of hosts that can be connected using this network. It can be defined either using a number or a network class (B or C).

The following is an example of a Ranged Virtual Network template:

NAME = "Red LAN"
TYPE = RANGED

# This vnet can be only used by the owner user
PUBLIC = NO

#Now we'll use the cluster private network (physical)
BRIDGE = vbr0

NETWORK_SIZE    = C
NETWORK_ADDRESS = 192.168.0.0

#Custom Attributes to be used in Context
GATEWAY = 192.168.0.1
DNS     = 192.168.0.1

LOAD_BALANCER = 192.168.0.3

Default value for the network size can be found in oned.conf.

Adding and Deleting Virtual Networks

Once a template for a VN has been defined, the onevnet command can be used to create it.

To create the previous networks put their definitions in two different files, public.net and red.net, respectively. Then, execute:

$ onevnet -v create public.net
$ onevnet -v create red.net

Also, onevnet can be used to query OpenNebula about available VNs:

$ onevnet list
  ID USER     NAME              TYPE BRIDGE P #LEASES
   2 oneadmin Public           Fixed   vbr1 Y       0
   3 oneadmin Red LAN         Ranged   vbr0 N       0
with USER the owner of the network and #LEASES the number of IP-MACs assigned to a VM from this network.

To delete a virtual network just use onevnet delete. For example to delete the previous networks:

$onevnet delete 2
$onevnet delete 'Red LAN'

:!: You can also check the IPs leased in a network with the onevnet show command

:!: Check the onevnet command help or reference guide for more options to list the virtual networks.

Adding and Removing Leases

You can add and remove leases to existing FIXED virtual networks. To do so, use the onevnet addleases and onevnet rmleases commands.

You can add leases specifying its IP and, optionally, its MAC. If the lease already exists, the action will fail.

$ onevnet addleases 2 130.10.0.10
$ onevnet addleases Public 130.10.0.11 50:20:20:20:20:31
$
$ onevnet addleases Public 130.10.0.1
Error: [VirtualNetworkAddLeases] Error trying to ADD LEASE NET [2]. Returned error code [-1].
Reason: Error inserting lease, IP 130.10.0.1 already exists

To remove existing leases from the network, they must be free (i.e., not used by any VM).

$ onevnet rmleases 2 130.10.0.3

Getting a Lease

A lease from a virtual network can be obtained by simply specifying the virtual network name in the NIC attribute.

For example, to define VM with two network interfaces, one connected to Red LAN and other connected to Public just include in the template:

NIC=[NETWORK="Public"]
NIC=[NETWORK="Red LAN"]

You can also request an specific address just by adding the IP or MAC attributes to NIC:

NIC=[NETWORK="Red LAN", IP=192.168.0.3]

When the VM is submitted, OpenNebula will look for available IPs in the Public and Red LAN virtual networks. If successful, the onevm show command should return information about the machine, including network information.

$ onevm show 12
VIRTUAL MACHINE 12 INFORMATION
ID             : 12
NAME           : server
STATE          : PENDING
LCM_STATE      : LCM_INIT
START TIME     : 07/15 15:30:53
END TIME       : -
DEPLOY ID:     : -

VIRTUAL MACHINE TEMPLATE
NAME=server
NIC=[
  BRIDGE=vbr1,
  IP=130.10.0.1,
  MAC=50:20:20:20:20:20,
  NETWORK=Public,
  NETWORK_ID=5 ]
NIC=[
  BRIDGE=eth0,
  IP=192.168.0.1,
  MAC=00:03:c0:a8:00:01,
  NETWORK=Red LAN,
  NETWORK_ID=4 ]
VMID=12
:!: Note that if OpenNebula is not able to obtain a lease from a network the submission will fail.

Now we can query OpenNebula with onevnet show to find out about given leases and other VN information:

$ onevnet list
  ID USER     NAME              TYPE BRIDGE P #LEASES
   4 oneadmin Red LAN         Ranged   vbr0 N       1
   5 oneadmin Public           Fixed   vbr1 Y       1
:!: Note that there is one LEASE active in each network

$ onevnet show 4
VIRTUAL NETWORK 4 INFORMATION
ID:       : 4
UID:      : 0
PUBLIC    : N

VIRTUAL NETWORK TEMPLATE
BRIDGE=eth0
NAME=Red LAN
NETWORK_ADDRESS=192.168.0.0
NETWORK_SIZE=C
TYPE=RANGED

LEASES INFORMATION
LEASE=[ IP=192.168.0.1, MAC=00:03:c0:a8:00:01, USED=1, VID=12 ]
:!: IP 192.168.0.1 is in use by Virtual Machine 12

Using the Leases within the Virtual Machine

Hypervisors can attach a specific MAC address to a virtual network interface, but Virtual Machines need to obtain an IP address. There are a variety of ways to achieve this within OpenNebula:

  • Obtain the IP from the MAC address, using the default MAC assignment schema (PREFERRED)

Configuring the Virtual Machine to Use the Leases

Please visit the contextualization guide to learn how to configure your Virtual Machines.

Using Sunstone to Manage Virtual Networks

You can also manage your virtual networks using the OpenNebula Cloud Operations Center. Select the Network tab, and there, you will be able to create, enable, disable, delete your virtual networks and even manage their publicity in a user friendly way.