Shulou(Shulou.com)05/31 Report--

This article is to share with you the content of a sample analysis of the flattened network architecture design of KVM virtual machines. The editor thinks it is very practical, so share it with you as a reference and follow the editor to have a look.

One: introduction

The flattened network is designed to separate the network segments managed by the external access and the internal management system from each other, so that the physical machine needs at least two network cards and the virtual machine has at least two network cards. One is connected to the external network and the other is connected to the internal network.

Set up two bridges br0 and br1 respectively, and bind eth0 and eth2 to the bridge respectively, similarly, the virtual machine is also two network cards eth0 and eth2 bound to br0 and br1 respectively, so that the two network segments can be configured and managed independently.

The public network accesses the virtual machine directly through the eth0 = > br0 = > kvm eth0 channel. Generally, there is no way to manage the entire physical machine. Therefore, the eth0 of the physical machine does not need to be configured with public network ip (expensive, wasteful and insecure).

The internal network needs to manage the entire physical machine through eth2 = > br1. Because virtual machines need to be created, deleted and modified constantly, the entire physical machine needs to be controlled. So at this point, eth2 needs an ip address of the intranet.

These two bridge networks are carried out by bridging. The difference is that eth0 does not need an ip address, but acts as a network cable.

Two: operation

1. The physical server hypervisor needs two network cards, one eth0 connection gateway to access the public network, and one eth2 connection to the private network managed by the administrator.

Configure two network cards in / etc/udev/rules.d/70-persistent-net.rules

Configure two files in the / etc/sysconfig/network-scripts/ directory

Ifcfg-eth0 (there is no need to configure public network ip, which is a waste, because its function is a network cable, which can be connected to the gateway)

DEVICE= "eth0" # must be consistent with / etc/udev/rules.d/70-persistent-net.rules name HWADDR= "00:0C:29:FF:DF:20" # this must also be consistent, otherwise it does not know ONBOOT= "yes" BOOTPROTO= "none"

Ifcfg-eth2

DEVICE= "eth2" HWADDR= "00:0C:29:FF:DF:21" ONBOOT= "yes" BOOTPROTO= "static" IPADDR= "192.168.80.250" NETMASK= "255.255.255.0"

2. There are two bridges on the physical server hypervisor, br0 binding eth0 (equivalent to br0 connecting to the gateway) and br1 binding eth2 (equivalent to br1 connecting to the management network, and the administrator can connect to his IP address management hypervisor).

Virsh iface-bridge eth0 br0 virsh iface-bridge eth2 br1

3. The virtual machine on hypervisor has two network cards, both of which are associated to the two bridges (you only need to configure them in the configuration file of virsh)

4. Start the virtual machine and configure the network.

Virsh define / XXX/XXX.xml virsh start XXXXX

Thank you for reading! This is the end of the article on "sample analysis of KVM virtual machine flattened network architecture design". I hope the above content can be helpful to you, so that you can learn more knowledge. if you think the article is good, you can share it for more people to see!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.