13.2. Managing Virtual Networks¶
A Virtual Network is a grouped number of virtual environments with bridged network interfaces into a single subnet. Using virtual networks you can make groups of virtual environments on a physical server which belong to different subnets invisible to each other. General information on the two network modes in which virtual environments can operate (host-routed and bridged) is provided in Virtuozzo documentation. Only virtual environments operating in the bridged mode can be organized into virtual networks. The chart below illustrates different scenarios of virtual network usage and their respective results.
The scheme above illustrates three Virtuozzo physical servers each having a single Ethernet adapter (eth0
). The Ethernet adapters are physically united into a single network. On the Ethernet adapters of Nodes 2 and 3, a VLAN is set up.
The steps needed to set up each of the five Virtual Networks shown on the scheme (A-E) are the following:
A Virtual Network is created either on the general Virtuozzo Automator screen for the whole Server Group of physical servers or on the screen related to a particular physical server. Whatever the screen, the created Virtual Network will be available for all the registered physical servers. If you use a particular physical server for the Virtual Network creation, you can also specify to what network interface card (NIC) of the current physical server the Virtual Network will be assigned, if at all.
Containers from one or more physical servers are added to the Virtual Network, thus creating a separate subnet. Only the bridged interfaces of the containers are involved in this process; host-routed interfaces cannot be added to Virtual Networks. You should make sure that these containers can also communicate with each other on the IP level, i.e. their IP addresses/net masks are compatible with each other.
For each physical server that hosts the containers included in the Virtual Network, the Virtual Network should either be assigned to one of the physical server’s physical/VLAN adapters or defined locally for the physical server (the latter variant is possible if the containers of only one physical server are included in the Virtual Network).
Using the method above, the configuration shown on the scheme can be created. Each of the five Virtual Networks serves to group two or three containers of one or two physical servers - this is shown with double-headed arrows connecting the Virtual Network border with the container bridged interfaces. Each of the Virtual Networks is either local for the physical server or bridged to some adapter - the latter case is illustrated with double-headed arrows connecting the Virtual Network border with the physical servers’ Ethernet or VLAN interfaces.
Let us see the effects of each of the combinations shown:
Container 101 has only a host-routed interface and thus is not included in any Virtual Network. It is visible by any containers and other hosts that can access the
eth0
adapter of Physical Server 1.Containers 102, 103, and 201 are united into Virtual Network A. They can communicate with each other and other hosts because on each physical server, Virtual Network A is assigned to the
eth0
adapter.Container 201 has two bridged adapters, with the second one included in Virtual Network B together with Container 202. Virtual Network B is not assigned to any interface on the physical server, and still Container 202 is able to communicate with the outer world thanks to the fact that Container 201 is bridged to
eth0
on the physical server through Virtual Network A. Of course, for this to be possible, all the bridged adapters of Containers 201 and 202 should belong to one and the same IP subnet.Virtual Network C with Containers 203 and 204 is another example of a Virtual Network defined locally on the physical server, but unlike Virtual Network B, its containers can only see one another and no other hosts, because there is no bridging to any of the adapters of the physical server.
Containers 205 and 301 are united into Virtual Network D through the respective adapters of their physical servers much like the containers of Virtual Network A. However, Virtual Network D is bridged not to the physical interface on both of the physical servers, but to the VLAN interfaces created on the physical ones. This results in the isolation of Containers 205 and 301 within this VLAN so that they are visible to each other but not to any other external hosts.
Virtual Network E is the most complex example on this scheme. The Virtual Network is not assigned to any of the physical server’s interfaces, so it remains local for the physical server. In addition to its inclusion in Virtual Network E, Container 302 enjoys a host-routed interface, so it can effectively communicate with the outer world. But what about Container 303? Unlike Container 202 in Virtual Network B, it cannot be simply included in a single IP subnet with the bridged interface of its fellow container that would be bridged, in its turn, to the physical server’s interface. For Container 303 to be able to go outside the limits of the Virtual Network, network fine-tuning should take place. In particular, the Ethernet frame that is sent by Container 303 to an external host should come to Container 302, lose its framing, thus becoming a pure IP packet, be routed through the host-routed interface of Container 302 to the physical server’s adapter eth0, put on a new framing to become again an Ethernet frame (different from the original one because the source MAC address becomes that of the physical server, and not that of Container 303), and go further. Paving the way for a response to get successfully to Container 303 is also a challenge. Thus, if you are not a network guru, chances are Container 303 will remain isolated in the scope of Virtual Network E. Luckily, Virtuozzo Automator provides easier ways of setting up your network, as was illustrated above.
Note
Any interface on the physical server can be assigned to only one Virtual Network. If you need to create more Virtual Networks on one physical server, use more physical adapters.
13.2.1. Listing Virtual Networks on Physical Server¶
To access the screen, go to Infrastructure > physical server > Network tab > Virtual Networks subtab.
The Virtual Networks screen displays a general list of virtual networks available in Virtuozzo Automator. The information on virtual networks is presented in the table having the following columns:
Column |
Description |
---|---|
Virtual Network |
The name assigned to the virtual network during its creation. |
Connection Status |
Indicates the virtual network status:
|
Network Description |
The description of the virtual network, if set. |
Assigned Interface |
If the virtual network is connected to some network adapter on this physical server, the name of this adapter is displayed. |
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
By default, 20 virtual networks are displayed on a page. To change the number of virtual networks shown per page, click the appropriate link below the table. You can also filter the virtual networks shown in the Connections table. To do that, click Show Search, enter search patterns in the search fields, and click Search. To change what search fields are displayed, click Customize. To have the full list of virtual networks back, click Reset Results. To change the virtual networks order in the table, click the corresponding column name. To show or hide columns, click Select Columns and set or clear the respective checkboxes.
Operations Available
Create a new virtual network. Click the New Virtual Network link.
View and edit the virtual networks details. Click its name in the table.
Note
To delete a virtual network, go to Resource Library > Virtual Networks.
13.2.2. Creating Virtual Network on Physical Server¶
The aim of the virtual network is to group virtual environments within one physical server or between several physical servers and to provide all virtual environments with common network configuration.
To access the New Virtual Network screen, go to Infrastructure > physical server > Network tab > Virtual Networks subtab and click the New Virtual Network link.
On the New Virtual Network screen, you can create a new virtual network. To this effect, you should provide the information in the following fields:
Virtual Network Name (mandatory): specify an arbitrary name to be assigned to the virtual network.
Description (optional): provide the virtual network description, if necessary.
The Assign Interface section enables you to configure the following Virtual Network parameters:
Select the Not Configured option if you do not wish to connect the virtual network to any network adapter on this physical server. After the creation, the virtual network’s status will be Not Configured.
Select the Connect via option and specify the network adapter you wish to connect the virtual network. The drop-down menu lists all physical and VLAN adapters available on the physical server. After the creation, the virtual network’s status will be Connected.
Select the Use on the Node only option if you do not plan to connect the virtual network to external networks, however, wish to unite some of your virtual environments inside this virtual network to allow these virtual environments to communicate with each other.
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
After you have entered the necessary information, click the Submit button to create the virtual network. After a while, the newly created virtual network will be displayed on the Virtual Networks screen.
13.2.3. Viewing Virtual Network Details¶
To access the Virtual Network screen, go to Infrastructure > physical server > Network tab > Virtual Networks subtab and click the virtual network name in the table.
The Virtual Network screen allows viewing the following information:
The General Settings group displays the name and description of the virtual network and indicates whether the virtual network is connected to some network adapter on this physical server (connected status), set for usage on this physical server only (local), or not configured. To change network interface settings, click the Configure button.
Under Connected Containers, you can view the containers that were added to this virtual network. The list provides extended info on the containers just like it is presented in the physical server’s Virtual Environment list.
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
13.2.4. Configuring Virtual Network Parameters on Physical Server¶
The Configure screen for the selected virtual network is displayed on clicking the Configure button on the details screen for this virtual network.
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
The Assign Interface section enables you to configure the following Virtual Network parameters:
Select the Not Configured option if you do not wish to connect the virtual network to any network adapter on this physical server. After the creation, the virtual network’s status will be Not Configured.
Select the Connect via option and specify the network adapter you wish to connect the virtual network. The drop-down menu lists all physical and VLAN adapters available on the physical server. After the creation, the virtual network’s status will be Connected.
Select the Use on the Node only option if you do not plan to connect the virtual network to external networks, however, wish to unite some of your virtual environments inside this virtual network to allow these virtual environments to communicate with each other.
13.2.5. Listing Virtual Networks in Server Group¶
To access the Virtual Networks screen, go to Resource Library > Virtual Networks.
The Virtual Networks screen displays all the virtual networks that were created in the VA infrastructure. The virtual networks may have been created either locally on a particular Slave physical server, or from the Resource Library. However, the Virtual Networks screen does not provide information on the virtual networks connection statuses. The information on this screen is for the management purposes only.
When you create a new virtual network in the Resource Library, it also appears on the Virtual Networks list of every VA physical server. To view this list, go to Infrastructure > physical server > Network tab > Virtual Networks subtab. For the physical servers, the newly created virtual network exists in the Not Configured status and cannot be used for grouping virtual environments until you configure its properties and bind it to the physical server network adapter ( see Configuring Virtual Network Parameters on Physical Server).
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
The information on Virtual Networks is presented in the table having the following columns:
Column |
Description |
---|---|
Name |
The name assigned to the virtual network. |
Description |
The description of the virtual network, if set. |
By default, 20 virtual networks are displayed on a page. To change the number of virtual networks shown per page, click the appropriate link below the table. You can also filter the virtual networks shown in the Virtual Networks table. To do that, click Show Search, enter search patterns in the search fields, and click Search. To change what search fields are displayed, click Customize. To have the full list of virtual networks back, click Reset Results. To change the virtual networks order in the table, click the corresponding column name. To show or hide columns, click Select Columns and set or clear the respective checkboxes.
Operations Available
New Virtual Network link. Create a new virtual network.
Delete link. Delete any of the existing virtual networks. If the virtual network was bound to a physical server network adapter, the adapter will be released and available for connecting to other virtual networks.
Change the virtual network description by clicking its name in the table.
13.2.6. Creating New Virtual Network¶
The aim of the virtual network is to group virtual environments within one physical server or between several physical servers and to provide all virtual environments with common network configuration.
To access the New Virtual Network screen, go to Resource library > Virtual Networks and click the New Virtual Network link.
On the New Virtual Network screen, you can create a new virtual network. Provide the information in the following fields:
Virtual Network Name (mandatory). Specify an arbitrary name to be assigned to the virtual network. This can be any name to your like.
Description (optional). Provide the virtual network description, if necessary.
After you have entered the necessary information, click the Submit button to create the virtual network. After a while, the newly created virtual network will be displayed on the Virtual Networks screen.
Note
To learn more about the notion of virtual networks and their relation to physical adapters, VLAN adapters, and virtual environments, please refer to Managing Virtual Networks.
13.2.7. Configuring Virtual Network Parameters¶
The Manage Virtual Network screen allows you to change the description of a virtual network.
To access the screen, go to Resource Library > Virtual Networks and click the name of the Virtual Network whose name you wish to modify. To provide a new description for the virtual network, type the needed text in the Description field and click the Submit button.