KVM Virtual Machine - how to set up a bridged guest?

[thorsten]

Hello,

I try run a guest within bridged mode: I do not manage at all - but it does not work at all. I had VMWare Server 2.0 runnung within Zentyal 2.0 and there were virtual adapter, e.g. VNET01 VNET02 etc.

Do I need to switch the real eth0 network adapter to Bridged mode? Do I need to set up virtual network adapters for eth0 (for static IPs)? What do I need to do??? Can somebody give a dummy how-to, please?

Thank you everybody in advance
Thorsten

[thorsten]

OK Everybody,

someone must have installed / run a KVM virtual machine within Zentyal using bridge, so please help - I am really desperate - I do not know how to get any Virtual machine from within Zentyal to my net... I would like to have at leaste a little idea on whats wrong...

THX
Thorsten

[jjm1982]

Though I haven't tried using virtual machine or even set anything up like this. I would think that you would have to add some type of routing protocol using your vlan as the network and your gateway as the zentyal server.

[thorsten]

Hi,

I do not have a V-Lan: I just made a clean install of Zentayl: I created a VM and tried to set it to bridged mode - however even within NAT it does not work at all. I can start the machine, but I get errors if I try to set it to bridged mode.

THX
Thorsten

[half_life]

I have not setup this under Zentyal but,  in a plain jane kvm setup,  you need to bridge the physical interface that you intend to share.  With that done,  you then point your vms to the bridged interface instead of the physical one. Below is a copy of what my /etc/network/interfaces file ends up looking like.  This is an Ubuntu server.

auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual

auto br0
iface br0 inet static
        address 173.167.XXX.XXX
        network 173.167.XXX.0
        netmask 255.255.255.248
        broadcast 173.167.XXX.255
        gateway 173.167.XXX.XXX
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0
        bridge_maxwait 0

auto eth1
iface eth1 inet manual

auto br1
iface br1 inet static
        address 10.3.54.16
        network 10.3.54.0
        netmask 255.255.255.0
        broadcast 10.3.54.255
#        gateway 10.3.54.15
        bridge_ports eth1
        bridge_stp off
        bridge_fd 0
        bridge_maxwait 0

auto eth2
iface eth2 inet dhcp

Eth0 and therefore br0 are external (internet).  Eth1 and br1 are internal.  And eth2 is for DRBD (not currently configured here ).  VMs (Zentyal and a several others)  are pointed to br0 and br1 depending on their needs.  I am showing this as an example of what the finished product looks like.  You should be able to achieve this without going to the command line. Here is what the xml file for the Zentyal vm looks like in pertinent part:

 </controller>
    <interface type='bridge'>
      <mac address='00:16:36:94:ce:xx'/>
      <source bridge='br0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
    </interface>
    <interface type='bridge'>
      <mac address='00:16:36:24:c3:xx'/>
      <source bridge='br1'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>

There again,  no need to go to the command line just use the web interface.
I hope this helps make things clear for you.

[thorsten]

Hi,

no, I do not think that gets to the point: What you discribe is the Zentyal 2.2 installation as a Guest within a KVM host installation. Better I desribe what I have done before and try to reprocess now (sorry for long story):

I had single maschine with Zentyal 2.0 installed running in my celler. I installed VMWare Server 2.0 in parallel to the Zentyal, so I was able to access
https://192.168.0.2 the Zentyal interface
and via
https://192.168.0.2:8000 the VMWare interface

Within the VM-Ware host I installed some VMs (e.g. Sage Math and my Self Made Home Control*). Everything run perfect execept the terror of VM-Ware Server reinstallation after each reboot and - of course the "increasing non-accessability" of the VM-Ware Server interface after Firefox updates... My problems went mad after I installed the Twonky UPNP Server: It does somehow interfere with VM-Ware Server, so both did not run in parallel.

In the meantime Zentyal 2.2 including KVM / Virtual Machine Management was announced and I was happily awaiting the release. I bought / compiled some new hardware in order to set up my control system* on a professional basis: A dedicated Server Board, RAID controler etc. I did a clean installation of Zentyal on the new 64 bit Hardware including Raid 5 and LVM.

Now my Problem:
I want to create a VM bridged to eth1 in order to run my home control system* within a virtual Windows XP environment - but I do not manage to get ANY contact from the created VMs to the outer net - the bridging does not work at all - I do not even get a NAT working - each step was done from within Zentyal.

So I installed Zentayl again - now without Virtual Machine Management Module. I installed KVM, Libvirt and Virt-Manager separately: Now I am able to create VMs which are running - but again: there is no network connection to the outer net - neither I can setup a bridge, and not even the NAT does work. Neither routed or NAT created Virtual Networks from within Virt-Manager do work. I can not even select a bridged Network adapter - there is non available.

My ultimative goal is a Zental installation as a home server (e.g. Captive Portal for Guests internet access, family file sharing, kids internet access limitations, virus scanning, E-Mail and Kalender Sharing etc. - Almost everything that Zentyal offers....) Additionally I do need some VM doing separate work, an UPNP Server (Twonky) may run in parallel to Zentyal or within a VM Machine. My Homepage does need a MySQL access and I have an old APC-UPS in place covering the Server Power.

Thanks
Thorsten

* for curious people: I programmed a Hygrosens USB 8x230 V/8A Relais OUT + 8x10-230 V Digital IN controlle Card in order to controll:
- lights in the houss
- window shutters
- the lawn irrigation system
- some heating installation control points
- the water softening installation

[half_life]

So to make sure that I understand you,  you are installing Zentyal on the hardware.  You are using kvm as a hypervisor.  And you would like to use bridge mode to your physical ethernet cards.   You need Zentyal to handle (as advertised) all vm management.  If that is what you are after,  yes I did understand you the first time.   If not I apologize.  Can you give me until tomorrow evening to get back to you on this?  My test platform is at work.  I will try to mimic your setup and report my results.  Ok?

[thorsten]

Hi Half_life,

You need Zentyal to handle (as advertised) all vm management.  If that is what you are after,  yes I did understand you the first time.   

yes, you understood me correct the first time - so it was my error. No need for you to apologize - its up to me  .

... you would like to use bridge mode to your physical ethernet cards.

correct - I would need to contact my VM servers as equivalent to the physical machines running. I do like to use my I-Phone to switch on / of the kitchen lights 

You need Zentyal to handle (as advertised) all vm management.

Yes and no: Zentyal would be perfect for switching on / off the maschines, but Virt-Manager ist more comprehensive to create machines because I do need USB pass throught and VNC connections from remote computer. Both is not enabled when VM are created from within Zentyal.

Additonally, I am not sure, but I think that Zentyal just manages the usermode VMs - I do just see the maschines I created within the Virt-Manager Usermode within Zentyal (sometimes!). I do not see the maschines I created within Virt-Manager using a direct connection. After the third installation of Zentyal, I did not install the Zentyal VM Management tool at all. I am just running Virt Manager / libvirt directly on the servers console and via SSH login from remote.

My status at the moment:
- I set the hosts eth1 to bridged mode and created a bridge br1
- I set br1 to DHCP on the host (Zentyal network interface)
- I can create an ethernet adapter bridged to br1 during VM setup from Virt-manager
- on firing up the VM, the host br1 adapter gets an IP from DHCP (I tried my routes DHCP server as well as the Zentyal internal DHCP). The IP is e.g.192.168.0.100
- on firing up the VM guest, its adapter (e.g. Realtec, in the meantime its name is eth9 from several trials) gets an IP from DHCP. The IP is e.g. 192.168.0.105
- at least when I use Zentyal DHCP, I can see both assignments on the Zentyal host dashboard.
- on firing up a virtual machine, another interface is visible @network -> intervaces: vnet1 (mybe the default KVM net)

I can not connect to the internet from the guest (a Zentryal Server, too) and I can not connect the VM guests Zentyal Interface. I fear that the IPs are blocking each other... Or there are some firewall rules I do not understand. Also I do not understand the vnet1

Is is the IP assignment as stated above correct?


THX
Thorsten

[half_life]

I have not gotten as far as you using the zentyal interface.  I cannot get zentyal to configure a bridge.  I can do it manually from the command line so it is not the fault of the underlying OS.  Can you ping your zentyal host?  How about www.yahoo.com?  Try an IP address like 8.8.8.8.  If you can ping your server and 8.8.8.8 but not www.yahoo.com it is a dns setup issue on the guest.  If you can't ping anything not on your lan it is a gateway problem on the guest.  You are correct Btw about the vmnet interface,  it is created by the hypervisor to handle connectivity with the guest os.

Edit:/  above when I am talking about pinging,  I mean from your guest machine.

[acon]

Hi,

For me, the VM module was not working so i installed manualy KVM/virt-manager from ubuntu repositories.
I found that the virt-manager version included in 10.4 does not support bridging. I manualy installed a newer versión, but the dependencies was too complicated.
I finaly installed virtualbox from oracle repository and i have now several VM's with bridged networking running just as expected.
The problem with virtualbox is that it is designed to work as an interactive application, but you have a set of command line tools to automate startup, shutdown and backups of VM.
I used this init.d script to start-stop VM's:
http://www.glump.net/howto/virtualbox_as_a_service
Hope thats help...

[thorsten]

Hi,
y ping (to any server witin my LAN or the WAN) does respond. Not even the DHCP server is reachable ...? The way vice versa does not work either.

I also tried acons suggestion: I simply updated 10.04 LTS to mavarick and (a little hurray) at least the NAT worked. Also some error (the default network from virt-manager can not start after stopping) was removed. Therefrom I fhink I will need a newer Version of Ubuntu, maybe Natty.

I will now have to decide how to proceed (I think have have to change minde on how to set up my server):
Option 1: I would set up e.g. Natty 64 bit server as a virtual machine host running all my VMs - incuding a virualised Zentyal...
Option 2: I would set up the same system as acon using Virtual Box - but I do not really like this as KVM seems to be the choice of future
Option 3: I would set up e.g. Natty 64 bit server incuding virtual machine host based on KVM and install Zentyal from sources on top.

In order to prevent trails and errors as from the last weeks:
does anybody has as an Idea if any of these option does work or not. From my first idea, I would prefer Option 3 as this is closest to my initial installation

Edit: By the way: does the 32 bit version does have the same problems? If not, this would give another fourth option I do not really consider...

THX
Thorsten

[thorsten]

Hi Acon

I found that the virt-manager version included in 10.4 does not support bridging. I manualy installed a newer versión, but the dependencies was too complicated.

Did you find out or is this knowledge available somehere on the internet - do you have any links for further reading: I would like to know from which version this may work - in order to avaid installation efford if it does not work for the selected version at all.

THX
Thorsten

[half_life]

I had bridging setup under 10.4 so I don't think that is the problem.  I in fact have setup a 10.10 (two actually in HA) with Zentyal as a VM.  I like this setup. I bridge the physical ethernet cards on the server and just attach the ones I need to the VMs.  My home server is similar (Xen +debian +vms).  The home server is bridged the same way.  I don't have the physical server bridged into the WAN ethernet (only the Zentyal gateway is bridged in to the WAN).  A couple of hints if you head this direction,  use lvm volumes on the physical server for each vm hard drive.  This makes backing up a snap.  You only need to take a snapshot of the drive you are going to backup then you can use dd to spool an image off on to media.  I backup all of my machines this way and it only takes about 20minutes a machine.  Add the xml file that virsh needs to re-create the machine and voila!  A complete disaster recovery set.  X2go is your friend if you need remote login to the server. 

[acon]

Hi thorsten,

I cant remember where i read about this. i thing the limitation is only with virt-manager. You can still configure a bridged VM manualy. I can confirm that after updating virt-manager, there is a new tab called interfaces.
Anyway, i cant spend more time trying to fix KVM in 10.04. I have it running without problem in a 11.04 server, and now i can run a VM with virtualbox in zentyal server. This is all i need by now.
Hops that helps

[half_life]

If you are still wrestling this may I suggest that you go ahead and do this manually via the command line. Zentyal stopped after making only part of the changes necessary to my /etc/network/interfaces file.  It changed eth0 to manual and stopped there.  Using what I posted above, you could finish the job and get yourself up and running.