Discussion:
[ovs-discuss] Open vSwitch, brcompatd & OpenVZ on Debian
Sam Gaw
2011-05-05 08:28:54 UTC
Permalink
I've been experimenting with OVS (1.1.0pre2) alongside OpenVZ running on Debian Squeeze (2.6.32-5) and was wondering if anyone had any experience or advice with this sort of setup?

Normally with OpenVZ I would create a bridge and add the containers' veth interfaces to the bridge. The config in /etc/network/interfaces ends up looking like:

allow-hotplug eth0
iface eth0 inet manual

auto vzbr0
iface vzbr0 inet static
address 10.0.0.1
netmask 255.255.255.0
gateway 10.0.0.254
bridge_ports eth0
bridge_stp off
bridge_fd 0

The command to join the container's eth0 veth interface to the bridge is just:

vzctl set 100 --netif_add eth0,,,,vzbr0 --save

Reading the Open vSwitch documentation on VLANs (http://openvswitch.org/?page_id=146) it describes exactly how I'd want the bridges to operate, as a VLAN trunk to my switches, but I'm not quite sure what config I'm expected to use to set the bridges up. I've tried creating a new bridge with both ovs-vsctl (add-br, add-port) and brctl but I'm not seeing any traffic going to my containers.

Any help is much appreciated.


---
Sam
Gregor Schaffrath
2011-05-05 09:22:47 UTC
Permalink
With brcompat, you should be able to set things up as they were before...

However - beware two issues I personally stumbled across:
1) if you don't start with a blank ovs configuration database at boot time, you'll end up with redundant entries in it, because the debian startup scripts will add interfaces again and again via brcompatd
2) mind that setting a vlan trunk on a port has a slightly different semantic with openvswitch compared to the std. linux bridge: as soon as you've added a trunk, you won't see _any_ traffic except this trunk on the port anymore (not even on eth0, if you created eth0.395 using vconf !)

Otherwise: To get an understanding on how to operate things... unless you want to bridge vlans, you could consider openvswitch just a manageable switch (setting port configuration by database manipulations - have a look at 'ovs-vsctl list Port' ; and don't forget to set the tag values for the virtual interfaces ;) )

Cheers,
Gregor.
Post by Sam Gaw
I've been experimenting with OVS (1.1.0pre2) alongside OpenVZ running on Debian Squeeze (2.6.32-5) and was wondering if anyone had any experience or advice with this sort of setup?
allow-hotplug eth0
iface eth0 inet manual
auto vzbr0
iface vzbr0 inet static
address 10.0.0.1
netmask 255.255.255.0
gateway 10.0.0.254
bridge_ports eth0
bridge_stp off
bridge_fd 0
vzctl set 100 --netif_add eth0,,,,vzbr0 --save
Reading the Open vSwitch documentation on VLANs (http://openvswitch.org/?page_id=146) it describes exactly how I'd want the bridges to operate, as a VLAN trunk to my switches, but I'm not quite sure what config I'm expected to use to set the bridges up. I've tried creating a new bridge with both ovs-vsctl (add-br, add-port) and brctl but I'm not seeing any traffic going to my containers.
Any help is much appreciated.
---
Sam
_______________________________________________
discuss mailing list
discuss at openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
Sam Gaw
2011-05-05 11:20:05 UTC
Permalink
Thanks Gregor.

That's what I thought but if I configure the bridge, either with ovs-vsctl or brctl, and do an ifup the box kernel panics. If I follow the cookbook example and then join the veth interface to it I can't see the container but get a response from pings; if I assign an IP to the bridge I can connect to the hardware node that OVS is running on.

I think this is more pilot error than anything else. Any ideas what I'm doing wrong?

Cheers.


---
Sam
Post by Gregor Schaffrath
With brcompat, you should be able to set things up as they were before...
1) if you don't start with a blank ovs configuration database at boot time, you'll end up with redundant entries in it, because the debian startup scripts will add interfaces again and again via brcompatd
2) mind that setting a vlan trunk on a port has a slightly different semantic with openvswitch compared to the std. linux bridge: as soon as you've added a trunk, you won't see _any_ traffic except this trunk on the port anymore (not even on eth0, if you created eth0.395 using vconf !)
Otherwise: To get an understanding on how to operate things... unless you want to bridge vlans, you could consider openvswitch just a manageable switch (setting port configuration by database manipulations - have a look at 'ovs-vsctl list Port' ; and don't forget to set the tag values for the virtual interfaces ;) )
Cheers,
Gregor.
Post by Sam Gaw
I've been experimenting with OVS (1.1.0pre2) alongside OpenVZ running on Debian Squeeze (2.6.32-5) and was wondering if anyone had any experience or advice with this sort of setup?
allow-hotplug eth0
iface eth0 inet manual
auto vzbr0
iface vzbr0 inet static
address 10.0.0.1
netmask 255.255.255.0
gateway 10.0.0.254
bridge_ports eth0
bridge_stp off
bridge_fd 0
vzctl set 100 --netif_add eth0,,,,vzbr0 --save
Reading the Open vSwitch documentation on VLANs (http://openvswitch.org/?page_id=146) it describes exactly how I'd want the bridges to operate, as a VLAN trunk to my switches, but I'm not quite sure what config I'm expected to use to set the bridges up. I've tried creating a new bridge with both ovs-vsctl (add-br, add-port) and brctl but I'm not seeing any traffic going to my containers.
Any help is much appreciated.
---
Sam
_______________________________________________
discuss mailing list
discuss at openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
Jesse Gross
2011-05-05 16:06:31 UTC
Permalink
Post by Sam Gaw
Thanks Gregor.
That's what I thought but if I configure the bridge, either with ovs-vsctl or brctl, and do an ifup the box kernel panics. If I follow the cookbook example and then join the veth interface to it I can't see the container but get a response from pings; if I assign an IP to the bridge I can connect to the hardware node that OVS is running on.
OpenVZ uses a patched version of the Linux kernel and OVS does not
support these modifications, which is why it panics.

Loading...