Network configuration for OpenVZ on an iWeb server
This document draws on the configuration shown in Using private IPs for Hardware Nodes.
Installed system
iWeb delivers the system configured as follows:
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10
    link/ether 00:1b:21:28:d5:15 brd ff:ff:ff:ff:ff:ff
    inet 70.38.78.182/27 brd 70.38.78.191 scope global eth0
    inet 70.38.83.81/29 brd 70.38.83.87 scope global eth0:1
    inet 70.38.83.82/29 brd 70.38.83.87 scope global eth0:2
    inet 70.38.83.83/29 brd 70.38.83.87 scope global eth0:3
    inet 70.38.83.84/29 brd 70.38.83.87 scope global eth0:4
    inet 70.38.83.85/29 brd 70.38.83.87 scope global eth0:5
    inet 70.38.83.86/29 brd 70.38.83.87 scope global eth0:6
    inet6 fe80::21b:21ff:fe28:d515/64 scope link
       valid_lft forever preferred_lft forever
# ip route show
70.38.83.80/29 dev eth0 proto kernel scope link src 70.38.83.81
70.38.78.160/27 dev eth0 proto kernel scope link src 70.38.78.182
default via 70.38.78.161 dev eth0
Reserving IPs for containers
Unconfigure every IP except the main one and one of the aliases in the /etc/network/interfaces file
(only eth0 and eth0:1 should remain active on the HN)
Restart the network interfaces:
/etc/init.d/networking restart
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10
    link/ether 00:1b:21:28:d5:15 brd ff:ff:ff:ff:ff:ff
    inet 70.38.78.182/27 brd 70.38.78.191 scope global eth0
    inet 70.38.83.81/29 brd 70.38.83.87 scope global eth0:1
    inet6 fe80::21b:21ff:fe28:d515/64 scope link
       valid_lft forever preferred_lft forever
Required packages
apt-get install bridge-utils
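Script to create the bridge
#!/bin/bash
# Wait a few seconds before touching the network
sleep 5
# Create the bridge and enslave eth0 to it, clearing eth0's IPv4 address first
brctl addbr br0
ifconfig eth0 0
brctl addif br0 eth0
# Put the main IP and the remaining alias on the bridge
ifconfig br0 70.38.78.182/27
ifconfig br0:1 70.38.83.81/29
# Move the default route from eth0 to br0
ip route del default via 70.38.78.161 dev eth0
ip route add default via 70.38.78.161 dev br0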
Run the script in the background. The network connection will drop and you will need to reconnect.
# ./bridge.sh >/dev/null 2>&1 &
# exit
After reconnecting, a bridge has been created:
- The main IP is on br0
- One virtual IP is on br0:1
- eth0 has no IP
- The default route is on br0
# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10
    link/ether 00:1b:21:28:d5:15 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::21b:21ff:fe28:d515/64 scope link
       valid_lft forever preferred_lft forever
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    link/ether 00:1b:21:28:d5:15 brd ff:ff:ff:ff:ff:ff
    inet 70.38.78.182/27 brd 70.38.78.191 scope global br0
    inet 70.38.83.81/29 brd 70.38.83.87 scope global br0:1
    inet6 fe80::21b:21ff:fe28:d515/64 scope link
       valid_lft forever preferred_lft forever
# ip route show
70.38.83.80/29 dev eth0 proto kernel scope link src 70.38.83.81
70.38.78.160/27 dev br0 proto kernel scope link src 70.38.78.182
default via 70.38.78.161 dev br0
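The four post-bridge conditions listed above can be checked mechanically before making the change permanent. This is an added example, not part of the original page; the function name and the trimmed sample text are constructed here, and the interface names and addresses are the ones the page uses.

```sh
#!/bin/sh
# Added example (not from the original page): verify the post-bridge state.
# Usage: check_bridge_state ADDR_TEXT ROUTE_TEXT MAIN_CIDR ALIAS_CIDR
# On the live HN: check_bridge_state "$(ip addr show)" "$(ip route show)" ...
# Returns the number of failed checks (0 = bridge state as expected).
check_bridge_state() {
    cbs_fails=0
    # Reduce `ip addr show` text to "<iface> <cidr> <label>" per IPv4 address.
    cbs_v4=$(printf '%s\n' "$1" | awk '
        /^[0-9]+: /  { iface = $2; sub(/:$/, "", iface) }
        $1 == "inet" { print iface, $2, $NF }')
    # 1. The main IP is on br0.
    printf '%s\n' "$cbs_v4" | grep -qxF "br0 $3 br0" ||
        { echo "FAIL: $3 is not on br0" >&2; cbs_fails=$((cbs_fails + 1)); }
    # 2. The alias IP is labelled br0:1.
    printf '%s\n' "$cbs_v4" | grep -qxF "br0 $4 br0:1" ||
        { echo "FAIL: $4 is not on br0:1" >&2; cbs_fails=$((cbs_fails + 1)); }
    # 3. eth0 carries no IPv4 address (it is only a bridge port now).
    if printf '%s\n' "$cbs_v4" | grep -q '^eth0 '; then
        echo "FAIL: eth0 still has an IPv4 address" >&2
        cbs_fails=$((cbs_fails + 1))
    fi
    # 4. The default route leaves through br0.
    printf '%s\n' "$2" | grep -Eq '^default via [^ ]+ dev br0( |$)' ||
        { echo "FAIL: default route is not on br0" >&2; cbs_fails=$((cbs_fails + 1)); }
    return "$cbs_fails"
}

# Constructed sample: the page's post-bridge output, trimmed to the relevant lines.
SAMPLE_ADDR='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    inet 127.0.0.1/8 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 10
    inet6 fe80::21b:21ff:fe28:d515/64 scope link
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
    inet 70.38.78.182/27 brd 70.38.78.191 scope global br0
    inet 70.38.83.81/29 brd 70.38.83.87 scope global br0:1'
SAMPLE_ROUTE='70.38.78.160/27 dev br0 proto kernel scope link src 70.38.78.182
default via 70.38.78.161 dev br0'

check_bridge_state "$SAMPLE_ADDR" "$SAMPLE_ROUTE" 70.38.78.182/27 70.38.83.81/29 &&
    echo "bridge state OK"
```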
Persistent configuration
If everything works, adapt /etc/network/interfaces
so that this configuration is the default:
auto lo
iface lo inet loopback

auto br0
iface br0 inet static
    address 70.38.78.182
    netmask 255.255.255.224
    network 70.38.78.160
    broadcast 70.38.78.191
    gateway 70.38.78.161
    bridge_ports eth0

auto br0:1
iface br0:1 inet static
    address 70.38.83.81
    netmask 255.255.255.248
The alias is placed on the bridge.
Reboot and check that everything keeps working normally.
Create the first container
The first container can now be created by following this document