Re: Network bridge with network-scripts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


> Am 25.01.2022 um 03:47 schrieb Alex <mysqlstudent@xxxxxxxxx>:
> 
>  I'm an old-school sysadmin from
> before NetworkManager existed.

Welcome to the club. But I still learned to appreciate Cockpit. It saves a lot of typing (and typos). 



Nevertheless you can use mac-vlan / mac-vtap to connect your VM(s) to the internet instead of using a bridge. As an old-school sysadmin you may use virsh and something like:

[…]# virt-install  --name <VM_NAME>\
     --memory 4098  --cpu host --vcpus 3 --graphics none\
     --os-type linux --os-variant fedora35\
     --graphics none \
     --location </PATH/TO/FEDORA.ISO> \
     --disk /var/lib/libvirt/images/<VM_NAME>.qcow2,format=qcow2,bus=virtio \
     --network type=direct,source=<HOST_IF_NAME>,source_mode=bridge,model=virtio 

The last line defines your network connection vor the VM. The „type=direct“ specifies mac-vlan / mac-vtap as the connection technology to use. You have to adjust the source=  according to the name of your machines interface, of course.

When installation completed you can login to your VM using

[…]# virsh  console  <VM_NAME>

Everything in the terminal and nothing with GUI.   :-)


>> If the host has a second physical interface that you want to use for an internal, protected network between VMs and the host as well as other hosts and VMs on that internal network, you have to reconfigure the second, internal network. My Fedora Server Doku is not yet ready, but you have to reconfigure the second interface as a bridge (because the VMs should be able to communicate with the host and vice versa). You man do (if is enp6s0 here)
>> 
>> (a) create a bridge and assign it the internal physical interface. IPv4 is static, no IPv6 for internal network:
>> […]# nmcli con add ifname vbr6s0 type bridge con-name vbr6s0 \
>>     bridge.stp no
>> […]# nmcli con mod vbr6s0 ipv4.method static \
>>     ipv4.address "10.10.10.XXX/24" \
>>     ipv4.gateway "10.10.10.10" \
>>     ipv4.dns "10.10.10.1" \
>>     ipv4.dns-search "localnet" \
>>     ipv6.method disabled \
>>     connection.zone "trusted"
>> […]# nmcli con add ifname enp6s0 type bridge-slave \
>>     master vbr6s0 con-name vbr6s0-slave-enp6s0 \
>>     connection.zone "trusted"
>> […]# nmcli con show vbr6s0
> 
> I'm not sure I understand this part - do I substitute my public IP for
> the localnet above, or is the config different in some other way when
> using public IPs and not using virbr0?

This variant does not apply to you, because your server has only one interface (which is needed for public access).  It refers to the case where the server has 2 (or more) physical interfaces and the 2nd interface is to be used for a separate, non-public, protected internal network. 


> Tips on how to set it up to support a kvm/qemu instance with a public
> IP would be appreciated.

Basically you will first install Fedora Server the usual way. Afterwards install libvirt / KVM and then one or more VMs. 

Our Fedora Server documentation contains a detailed description of those steps for the most current release 35 and tips what possible alternative to choose. 

Installation:
https://docs.fedoraproject.org/en-US/fedora-server/server-installation/. # (published version previous release)
https://docs.stg.fedoraproject.org/en-US/fedora-server/server-installation/  # (staging, most current release)

For adding visualisation and VMs see:
https://docs.fedoraproject.org/en-US/fedora-server/server-virtualization/  # (again published version previous release)
https://docs.stg.fedoraproject.org/en-US/fedora-server/server-virtualization/ # (again staging, most current release)


You can drop Cockpit if you don't like it. 


In case of further questions, please don’t hesitate to ask, either here or on Server list (server@xxxxxxxxxxxxxxxxxxxxxxx) 


Best
Peter

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux