5.4. Configuring Virtual Machines and Containers in Bridged Mode

Important

To create and manage virual networks and virtual network bridges, you must use either command-line interface or Virtuozzo Automator, but not both.

This section describes all operations related to configuring virtual machines and containers that operate in bridged mode.

5.4.1. Managing Virtual Networks

A virtual network acts as a binding interface between a virtual network adapter in a virtual machine or container and the corresponding network adapter on the hardware node. Using virtual networks, you can include virtual machines and containers in different networks. Virtuozzo enables you to manage virtual networks as follows:

  • Create virtual networks.
  • Configure virtual network parameters.
  • List existing virtual networks.
  • Delete virtual networks.

These operations are described in the following subsections in detail.

5.4.1.1. Creating Virtual Networks

By default, Virtuozzo creates the following virtual networks on the server:

  • Bridged virtual network that is connected to one of the physical adapters on the hardware node (e.g., enp0s5) and provides virtual machines and containers included in this virtual network with access to the network behind this physical adapter.
  • Host-only virtual network that is connected to a special virtual adapter on the server and allows the virtual machines and containers joined to this virtual network to access only the server and the other virtual machines and containers on this network.

You can create your own virtual networks using the prlsrvctl command. For example, to create a new virtual network network1, you can run:

# prlsrvctl net add network1

By default, the command creates a host-only virtual network, but you can change its type if needed (see Configuring Virtual Network Parameters).

5.4.1.2. Creating Network Bridges for Network Adapters

To connect a network adapter to a bridged virtual network, you need to create a network bridge first. A network adapter can be physical (enp<X>s<Y>) or logical: a VLAN (enp<X>s<Y>.<N>) or a bonding interface (bond<N>).

For example, to create a network bridge for the VLAN interface, you can use the NetworkManager text-based user interface tool, nmtui, as follows:

  1. On the node, start nmtui:

    # nmtui
    

    In the tool TUI, use the arrow keys and Tab to navigate through the options, Enter to select an option, and Space to set and clear check boxes.

  2. On the NetworkManager TUI screen, select Edit a connection from the menu.

    ../_images/vzbridge1.png
  3. On the next screen, select Add to add a new connection.

    ../_images/vzbridge2.png
  4. To add a new network bridge, choose Bridge from the drop-down list in the New connection window and press Create.

    ../_images/vzbridge3.png
  5. On the Edit connection screen:

    1. In the Profile name field, enter the connection profile name. This name with the ifcfg- prefix will be used for creating the interface configuration file in the /etc/sysconfig/network-scripts/ directory.

    2. In the Device field, specify the device name of the new network bridge.

    3. Press Add to specify a slave network interface.

    4. In the New connection window, choose VLAN from the drop-down list and press Create.

      ../_images/vzbridge4.png
    5. In the Edit connection window, specify the profile name and device name of the VLAN interface in the Profile name and Device fields, respectively, and press OK.

      The Parent and VLAN ID fields are filled in automatically.

      ../_images/vzbridge5.png

      The chosen VLAN interface will appear in the Slaves section.

    6. Clear the Enable STP (Spanning Tree Protocol) check box.

      ../_images/vzbridge6.png
    7. Configure static IP parameters of the network bridge:

      1. In the IPv4 CONFIGURATION section, press Automatic and choose Manual from the drop-down list.

        ../_images/vzbridge7.png
      2. Press Show to expand the section.

      3. Assign a static IP address, set the default gateway and the DNS server for the network bridge in the corresponding fields.

        ../_images/vzbridge8.png
    8. Configure other network parameters if required and press OK.

    The network bridge for the VLAN adapter will appear in the list of existing connections.

    ../_images/vzbridge9.png
  6. To exit nmtui, press Back and then Quit.

After creating the network bridge, you can check its configuration file stored in the /etc/sysconfig/network-scripts/ directory. For example:

# cat /etc/sysconfig/network-scripts/ifcfg-br1

5.4.1.3. Configuring Virtual Network Parameters

Virtuozzo allows you to configure the following parameters for a virtual network:

  • The networking mode in which the virtual network is operating.

    Note

    Before changing the virtual network type to bridged, a network bridge must be created for the virtual network. See Creating Network Bridges for Network Adapters.

  • The description of the virtual network.

All these operations can be performed using the prlsrvctl utility. For example, if you need to configure the network1 virtual network. This virtual network is currently configured as a host-only network and has the following description: This is a host-only virtual network. To change these parameters, you can execute the following command:

# prlsrvctl net set network1 -t bridged --ifname enp0s6 -d "This is now a bridged virtual network"

This command configured the network1 virtual network as follows:

  1. Changes the virtual network type to bridged.
  2. Changes the virtual network description to the following: “This is now a bridged virtual network”.

5.4.1.4. Listing Virtual Networks

To list the virtual networks existing on the hardware node, you can use the prlsrvctl utility as shown below.

# prlsrvctl net list
Network ID        Type      Bound To       Bridge
Host-Only         host-only                virbr1
Bridged           bridged   enp0s5         br0

This utility displays the following information on virtual networks:

Column Description
Network ID The name assigned to the virtual network.
Type The networking mode set for the virtual network.
Bound To The adapter on the hardware node connected to the virtual networks, if any.

5.4.1.5. Connecting Virtual Networks to Adapters

By connecting an adapter on the physical server to a virtual network, you can join all virtual machines and containers included in the virtual network to the network to which the corresponding adapter is connected.

Consider the following example:

  • The enp0s6 physical adapter and the network1 virtual network exist on the hardware node. For information on creating virtual networks, see Creating Virtual Networks.
  • The enp0s6 physical adapter is connected to the local network.
  • The br1 network bridge for the enp0s6 physical adapter is created. For information on creating network bridges, see Creating Network Bridges for Network Adapters.
  • The container MyCT is connected to the network1 virtual network. Detailed information on joining virtual machines and containers to virtual networks is given in Connecting Virtual Environments to Virtual Networks.

To connect the enp0s6 adapter to the network1 virtual network and thus to join the container MyCT to the network behind enp0s6, run this command on the server:

# prlsrvctl net set network1 -i enp0s6

To check that the enp0s6 physical adapter has been successfully added to the network1 virtual network, you can execute the following command:

# prlsrvctl net list
Network ID        Type      Bound To       Bridge
Host-Only         host-only                virbr1
Bridged           bridged   enp0s5         br0
network1          bridged   enp0s6         br1

As you can see, the enp0s6 adapter is now joined to the network1 virtual network. That means that the container MyCT whose virtual network adapter is connected to network1 can access the local network behind enp0s6.

5.4.1.6. Deleting Virtual Networks

At any time, you can remove a virtual network that you do not need any more from the physical server. To do this, you can use the prlsrvctl utility. For example, you can delete the network1 virtual network by running the following command:

# prlsrvctl net del network1

To check that network1 has been successfully removed, execute this command:

# prlsrvctl net list
Network ID     Type        Bound To
Host-Only      host-only
Bridged        bridged     enp0s5

5.4.2. Managing Virtual Network Adapters in Virtual Environments

Virtuozzo provides you with ample opportunities of configuring virtual network adapters in virtual environments and including them in different network environments. This section shows you the way to perform the following operations:

  • Create new virtual network adapters and delete existing ones.
  • Configure the parameters of an existing virtual network adapter.
  • Join virtual network adapters to virtual networks.

All these operations are described in the following subsections in detail.

5.4.2.1. Creating and Deleting Virtual Adapters

A virtual environment can have up to 15 virtual network adapters. Each adapter can be connected to a different network. For example, if you need to create a new virtual adapter for the virtual machine MyVM. To do this, you can execute the following command:

# prlctl set MyVM --device-add net

To check that the network adapter (net1) has been successfully added to the virtual machine, run this command:

# prlctl list --info MyVM
ID: {f3b3d134-f512-324b-b0b1-dbd642f5220b}
Name: MyVM
...
net1 (+) dev='vme4208fa77' network='Bridged' mac=001C4208FA77 card=virtio

At any time, you can remove the newly created network adapter (net1) by executing the following command:

# prlctl set MyVM --device-del net1

5.4.2.2. Configuring Virtual Adapter Parameters

Virtuozzo allows you to configure the following parameters of virtual adapters:

Configuring MAC Addresses

If you need for some reason to regenerate the current MAC address of a network adapter, you can use the following command:

# prlctl set MyVM --device-set net1 --mac 00:1C:42:2D:74:00

This command sets the MAC address of 00:1C:42:2D:74:00 for the net1 adapter in the virtual machine MyVM. If do not know what MAC address to assign to your virtual adapter, you can make prlctl set automatically generate a new MAC address. To do this, run the following command:

# prlctl set MyVM --device-set net1 --mac auto

Configuring IP Parameters

As any other standalone server, each virtual environment must have a number of TCP/IP settings configured in the proper way to successfully operate on the network. These settings include:

  • IP address
  • default gateway
  • DNS server

Note

You can configure the network parameters only of virtual machines that have Virtuozzo guest tools installed.

Usually, you define all these settings when you create a virtual environment. However, if you have not yet set any of the settings or want to modify any of them, you can use the prlctl set command. For example, you can execute the following command to assign the IP address of 192.129.129.20 to the net1 adapter in the virtual machine MyVM, set the default gateway to 192.129.129.1 and the DNS server to 192.192.192.10:

# prlctl set MyVM --device-set net1 --ipadd 192.129.129.20 --gw 192.129.129.1 \
--nameserver 192.192.192.10

Along with a static assignment of network parameters to a virtual adapter, you can make the adapter receive its TCP/IP settings automatically using the Dynamic Host Configuration Protocol (DHCP). For example, you can run this command to make the net1 adapter in the virtual machine MyVM get its IP settings through DHCP:

# prlctl set MyVM --device-set net1 --dhcp yes

5.4.2.3. Connecting Virtual Environments to Virtual Networks

In Virtuozzo, you can connect virtual environments to virtual networks of the following types:

  • Bridged virtual network allows a virtual environment to use one of the physical server network adapters, which makes it appear as a separate computer on the network the corresponding adapter belongs to.
  • Host-only virtual network allows a virtual environment to access only the physical server and the virtual environments joined to this network.

By default, any newly created adapter is connected to the Bridged network. To join a virtual machine to another network, use the prlctl set command. For example, the following session demonstrates how you can connect the net0 adapter of the virtual machine MyVM to the network1 virtual network.

Before connecting the virtual machine MyVM to the network1 virtual network, you may wish to check the network adapter associated with this virtual network. You can do it, for example, using the following command:

# prlsrvctl net list
Network ID        Type      Bound To
Host-Only         host-only
Bridged           bridged   enp0s5
network1          bridged   enp0s6

From the command output, you can see that the network1 virtual network is attached to the enp0s6 physical adapter on the physical server. That means that, after connecting the virtual machine MyVM to the network1 virtual network, the virtual machine will be able to access all computers on the network where the enp0s6 adapter is connected.

Now you can run the following command to join the net1 adapter of the virtual machine MyVM to the network1 virtual network:

# prlctl set MyVM --device-set net1 --network network1

To check that the network adapter (net1) has been successfully joined to the network1 virtual network, execute

# prlctl list --info MyVM
ID: {f3b3d134-f512-324b-b0b1-dbd642f5220b}
Name: MyVM
...
net1 (+) dev='vme4208fa77' network='network1' mac=001C4208FA77 card=virtio