6.2. Virtual Network Interface Cards
6.2.1. vNIC Profile Overview
6.2.2. Creating or Editing a vNIC Profile
Note
Procedure 6.7. Creating or Editing a vNIC Profile
- Click the Networks resource tab, and select a logical network in the results list.
- Select the vNIC Profiles tab in the details pane. If you selected the logical network in tree mode, you can select the vNIC Profiles tab in the results list.
- Click VM Interface Profile window.or to open the
Figure 6.2. The VM Interface Profile window
- Enter the Name and Description of the profile.
- Select the relevant Quality of Service policy from the QoS list.
- Select a Network Filter from the drop-down list to manage the traffic of network packets to and from virtual machines. For more information on network filters, see Applying network filtering in the Red Hat Enterprise Linux Virtualization Deployment and Administration Guide.
- Select the Passthrough check box to enable passthrough of the vNIC and allow direct device assignment of a virtual function. Enabling the passthrough property will disable QoS, network filtering, and port mirroring as these are not compatible. For more information on passthrough, see Section 6.2.4, “Enabling Passthrough on a vNIC Profile”.
- If Passthrough is selected, optionally deselect the Migratable check box to disable migration for vNICs using this profile. If you keep this check box selected, see Additional Prerequisites for Virtual Machines with SR-IOV-Enabled vNICs in the Virtual Machine Management Guide.
- Use the Port Mirroring and Allow all users to use this Profile check boxes to toggle these options.
- Select a custom property from the custom properties list, which displays Please select a key... by default. Use the and buttons to add or remove custom properties.
- Click.
Note
6.2.3. Explanation of Settings in the VM Interface Profile Window
Field Name
|
Description
|
---|---|
Network
|
A drop-down list of the available networks to apply the vNIC profile to.
|
Name
|
The name of the vNIC profile. This must be a unique name with any combination of uppercase and lowercase letters, numbers, hyphens, and underscores between 1 and 50 characters.
|
Description |
The description of the vNIC profile. This field is recommended but not mandatory.
|
QoS |
A drop-down list of the available Network Quality of Service policies to apply to the vNIC profile. QoS policies regulate inbound and outbound network traffic of the vNIC.
|
Network Filter |
A drop-down list of the available network filters to apply to the vNIC profile. Network filters improve network security by filtering the type of packets that can be sent to and from virtual machines. The default filter is
vdsm-no-mac-spoofing , which is a combination of no-mac-spoofing and no-arp-mac-spoofing . For more information on the network filters provided by libvirt, see the Pre-existing network filters section of the Red Hat Enterprise Linux Virtualization Deployment and Administration Guide.
<No Network Filter> should be used for virtual machine VLANs and bonds. On trusted virtual machines, choosing not to use a network filter can improve performance.
|
Passthrough |
A check box to toggle the passthrough property. Passthrough allows a vNIC to connect directly to a virtual function of a host NIC. The passthrough property cannot be edited if the vNIC profile is attached to a virtual machine.
QoS, network filters, and port mirroring are disabled in the vNIC profile if passthrough is enabled.
|
Migratable |
A check box to toggle whether or not vNICs using this profile can be migrated. Migration is enabled by default on regular vNIC profiles; the check box is selected and cannot be changed. When the Passthrough check box is selected, Migratable becomes available and can be deselected, if required, to disable migration of passthrough vNICs.
|
Port Mirroring |
A check box to toggle port mirroring. Port mirroring copies layer 3 network traffic on the logical network to a virtual interface on a virtual machine. It it not selected by default. For further details, see Port Mirroring in the Technical Reference.
|
Device Custom Properties |
A drop-down menu to select available custom properties to apply to the vNIC profile. Use the
and buttons to add and remove properties respectively.
|
Allow all users to use this Profile |
A check box to toggle the availability of the profile to all users in the environment. It is selected by default.
|
6.2.4. Enabling Passthrough on a vNIC Profile
Procedure 6.8. Enabling Passthrough
- Select a logical network from the Networks results list and click the vNIC Profiles tab in the details pane to list all vNIC profiles for that logical network.
- Click VM Interface Profile window.to open the
- Enter the Name and Description of the profile.
- Select the Passthrough check box.
- Optionally deselect the Migratable check box to disable migration for vNICs using this profile. If you keep this check box selected, see Additional Prerequisites for Virtual Machines with SR-IOV-Enabled vNICs in the Virtual Machine Management Guide.
- If necessary, select a custom property from the custom properties list, which displays Please select a key... by default. Use the and buttons to add or remove custom properties.
- Clickto save the profile and close the window.
6.2.5. Removing a vNIC Profile
Procedure 6.9. Removing a vNIC Profile
- Click the Networks resource tab, and select a logical network in the results list.
- Select the Profiles tab in the details pane to display available vNIC profiles. If you selected the logical network in tree mode, you can select the VNIC Profiles tab in the results list.
- Select one or more profiles and click Remove VM Interface Profile(s) window.to open the
- Clickto remove the profile and close the window.
6.2.6. Assigning Security Groups to vNIC Profiles
Note
Note
# neutron security-group-list
Procedure 6.10. Assigning Security Groups to vNIC Profiles
- Click the Networks tab and select a logical network from the results list.
- Click the vNIC Profiles tab in the details pane.
- Click VM Interface Profile window., or select an existing vNIC profile and click , to open the
- From the custom properties drop-down list, select SecurityGroups. Leaving the custom property drop-down blank applies the default security settings, which permit all outbound traffic and intercommunication but deny all inbound traffic from outside of the default security group. Note that removing the SecurityGroups property later will not affect the applied security group.
- In the text field, enter the ID of the security group to attach to the vNIC profile.
- Click.
6.2.7. User Permissions for vNIC Profiles
Procedure 6.11. User Permissions for vNIC Profiles
- Click the Networks tab and select a logical network from the results list.
- Click the vNIC Profiles resource tab to display the vNIC profiles.
- Click the Permissions tab in the details pane to show the current user permissions for the profile.
- Click the Add Permission to User window, and the button to open the Remove Permission window, to change user permissions for the vNIC profile.button to open the
- In the Add Permissions to User window, click My Groups to display your user groups. You can use this option to grant permissions to other users in your groups.
6.2.8. Configuring vNIC Profiles for UCS Integration
vdsm-hook-vmfex-dev
hook allows virtual machines to connect to Cisco's UCS-defined port profiles by configuring the vNIC profile. The UCS-defined port profiles contain the properties and settings used to configure virtual interfaces in UCS. The vdsm-hook-vmfex-dev
hook is installed by default with VDSM. See Appendix A, VDSM and Hooks for more information.
Note
Procedure 6.12. Configuring the Custom Device Property
- On the Red Hat Virtualization Manager, configure the
vmfex
custom property and set the cluster compatibility level using--cver
.# engine-config -s CustomDeviceProperties='{type=interface;prop={vmfex=^[a-zA-Z0-9_.-]{2,32}$}}' --cver=3.6
- Verify that the
vmfex
custom device property was added.# engine-config -g CustomDeviceProperties
- Restart the engine.
# systemctl restart ovirt-engine.service
Procedure 6.13. Configuring a vNIC Profile for UCS Integration
- Click the Networks resource tab, and select a logical network in the results list.
- Select the vNIC Profiles tab in the details pane. If you selected the logical network in tree mode, you can select the vNIC Profiles tab in the results list.
- Click VM Interface Profile window.or to open the
- Enter the Name and Description of the profile.
- Select the
vmfex
custom property from the custom properties list and enter the UCS port profile name. - Click.