If you read the libvirt development mailing list, you will have noticed that libvirt released 2 versions this week, the latest of which is version 0.10.1. This version includes a bunch of bug fixes, but between this and the previous 0.10.0, there are some changes in how you work with Open vSwitch virtualport types. I thought I’d explain some of them here, as they are advantageous and will make deploying libvirt with Open vSwitch easier.
The most important change going into this release of libvirt was around the handling of VLANs, both for Open vSwitch networks, as well as for 802.1Qbg and 802.1Qbh networks. The changes allow you to specify VLANs on networks, portgroups, or as part of the interface definition in the domain XML. For this article, I wanted to focus on, specifically, how this affects the integration of Open vSwitch with libvirt.
For example, to setup a VLAN in a network definition, you would do something like this:
<network> <name>openvswitch-net</name> <uuid>81ff0d90-c92e-6742-64da-4a736edb9a8b</uuid> <forward mode='bridge'/> <virtualport type='openvswitch'/> <portgroup name='bob' default='yes'> <vlan trunk='yes'> <tag id='666'/> </vlan> <virtualport> <parameters profileid='bob-profile'/> </virtualport> </portgroup> <portgroup name='alice'> <vlan trunk='yes'> <tag id='777'/> <tag id='888'/> <tag id='999'/> </vlan> <virtualport> <parameters profileid='alice-profile'/> </virtualport> </portgroup> </network>
As you can see from the above, we are creating a network (named “openvswitch-net”), and creating 2 portgroup’s here: “bob” and “alice”. Each portrgoup has a VLAN trunk defined, although “bob” only has a single VLAN in the trunk.
Now, if we wanted to put this configuration directly on the interface itself, it would look liks this:
<interface type='network'> <mac address='00:11:22:33:44:55'/> <source network='ovs-net'/> <virtualport type='openvswitch'> <parameters interfaceid='09b11c53-8b5c-4eeb-8f00-d84eaa0aaa4f' profileid='bob'/> </virtualport> </interface>
Now, because we specified the profileid of “bob”, the VLAN trunk information for “bob” would be applied when this VM is booted up and it’s VIF is added to the OVS bridge. But what if we wanted to override this information in the interface definition itself? We can do that too, and here’s an example of how to do it:
<interface type='network'> <mac address='00:11:22:33:44:55'/> <source network='ovs-net'/> <vlan trunk='yes'> <tag id='42'/> <tag id='48'/> <tag id='456'/> </vlan> <virtualport type='openvswitch'> <parameters interfaceid='09b11c53-8b5c-4eeb-8f00-d84eaa0aaa4f' profileid='bob'/> </virtualport> </interface>
Now when this virtual machine is booted, the configuration on the “interface” will take precedence, and the virtual machine will have a trunk port with VLANs 42, 48, and 456 passed to it.
Under the Covers
How does all of this work under the covers? We simply pass additional parameters to “ovs-vsctl” to ensure the port is trunked (trunk=VLAN1,VLAN2) or setup as an access port (tag=VLAN1). This is added to the command line libvirt uses when adding these ports to the OVS bridge.
If you have read my previous article on configuring virtual machines with libvirt and Open Vswitch, you will note a caveat there around VLAN configuration. I’m happy to say this latest version of libvirt addresses this issue. You can now effectively setup VLAN configuration for virtual ports connecting to an OVS bridge in multiple places in libvirt. This makes deploying libvirt with Open vSwitch much more useful.