Search

14.2. Adding External Providers

download PDF

14.2.1. Adding a Red Hat Satellite Instance for Host Provisioning

Add a Satellite instance for host provisioning to the Red Hat Virtualization Manager. Red Hat Virtualization 4.2 is supported with Red Hat Satellite 6.1.

Adding a Satellite Instance for Host Provisioning

  1. Click Administration Providers.
  2. Click Add.
  3. Enter a Name and Description.
  4. Select Foreman/Satellite from the Type drop-down list.
  5. Enter the URL or fully qualified domain name of the machine on which the Satellite instance is installed in the Provider URL text field. You do not need to specify a port number.

    Important

    IP addresses cannot be used to add a Satellite instance.

  6. Select the Requires Authentication check box.
  7. Enter the Username and Password for the Satellite instance. You must use the same user name and password as you would use to log in to the Satellite provisioning portal.
  8. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with the Satellite instance using the provided credentials.
    2. If the Satellite instance uses SSL, the Import provider certificates window opens; click OK to import the certificate that the Satellite instance provides to ensure the Manager can communicate with the instance.
  9. Click OK.

14.2.2. Adding an OpenStack Image (Glance) Instance for Image Management

Add an OpenStack Image (Glance) instance for image management to the Red Hat Virtualization Manager.

Adding an OpenStack Image (Glance) Instance for Image Management

  1. Click Administration Providers.
  2. Click Add and enter the details in the General Settings tab. For more information on these fields, see Section 14.2.10, “Add Provider General Settings Explained”.
  3. Enter a Name and Description.
  4. Select OpenStack Image from the Type drop-down list.
  5. Enter the URL or fully qualified domain name of the machine on which the OpenStack Image instance is installed in the Provider URL text field.
  6. Optionally, select the Requires Authentication check box and enter the Username and Password for the OpenStack Image instance user registered in Keystone. You must also define the authentication URL of the Keystone server by defining the Protocol (must be HTTP), Hostname, and API Port.

    Enter the Tenant for the OpenStack Image instance.

  7. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with the OpenStack Image instance using the provided credentials.
    2. If the OpenStack Image instance uses SSL, the Import provider certificates window opens. Click OK to import the certificate that the OpenStack Image instance provides to ensure the Manager can communicate with the instance.
  8. Click OK.

14.2.3. Adding an OpenStack Networking (Neutron) Instance for Network Provisioning

Add an OpenStack Networking (neutron) instance for network provisioning to the Red Hat Virtualization Manager. To add other third-party network providers that implement the OpenStack Neutron REST API, see Section 14.2.9, “Adding an External Network Provider”.

Important

Red Hat Virtualization supports Red Hat OpenStack Platform versions 10, 13, and 14 as external network providers.

  • OpenStack 10 should be deployed with an OVS driver.
  • OpenStack 13 should be deployed with an OVS, OVN, or ODL driver.
  • OpenStack 14 should be deployed with an OVN or ODL driver.

To use neutron networks, hosts must have the neutron agents configured. You can configure the agents manually, or use the Red Hat OpenStack Platform director to deploy the Networker role, before adding the network node to the Manager as a host. Using the director is recommended. Automatic deployment of the neutron agents through the Network Provider tab in the New Host window is not supported.

Although network nodes and regular hosts can be used in the same cluster, virtual machines using neutron networks can only run on network nodes.

Adding a Network Node as a Host

  1. Use the Red Hat OpenStack Platform director to deploy the Networker role on the network node. See Creating a New Role and Networker in the Red Hat OpenStack Platform Advanced Overcloud Customization Guide.
  2. Enable the required repositories:

    1. Register your system with the Content Delivery Network, entering your Customer Portal user name and password when prompted:

      # subscription-manager register
    2. Find the Red Hat Enterprise Linux Server and Red Hat Virtualization subscription pools and record the pool IDs:

      # subscription-manager list --available
    3. Use the pool IDs to attach the subscriptions to the system:

      # subscription-manager attach --pool=poolid
    4. Configure the repositories:

      # subscription-manager repos \
          --disable='*' \
          --enable=rhel-7-server-rpms \
          --enable=rhel-7-server-rhv-4-mgmt-agent-rpms \
          --enable=rhel-7-server-ansible-2.9-rpms
    5. Ensure that all packages currently installed are up to date:

      # yum update
    6. Reboot the machine if any kernel packages were updated.
  3. Install the Openstack Networking hook:

    # yum install vdsm-hook-openstacknet
  4. Add the network node to the Manager as a host. See Section 10.5.1, “Adding Standard Hosts to the Red Hat Virtualization Manager”.

    Important

    Do not select the OpenStack Networking provider from the Network Provider tab. This is currently not supported.

Adding an OpenStack Networking (Neutron) Instance for Network Provisioning

  1. Click Administration Providers.
  2. Click Add and enter the details in the General Settings tab. For more information on these fields, see Section 14.2.10, “Add Provider General Settings Explained”.
  3. Enter a Name and Description.
  4. Select OpenStack Networking from the Type drop-down list.
  5. Ensure that Open vSwitch is selected in the Networking Plugin field.
  6. Optionally, select the Automatic Synchronization check box. This enables automatic synchronization of the external network provider with existing networks.
  7. Enter the URL or fully qualified domain name of the machine on which the OpenStack Networking instance is installed in the Provider URL text field, followed by the port number. The Read-Only check box is selected by default. This prevents users from modifying the OpenStack Networking instance.

    Important

    You must leave the Read-Only check box selected for your setup to be supported by Red Hat.

  8. Optionally, select the Requires Authentication check box and enter the Username and Password for the OpenStack Networking user registered in Keystone. You must also define the authentication URL of the Keystone server by defining the Protocol, Hostname, API Port, and API Version.

    For API version 2.0, enter the Tenant for the OpenStack Networking instance. For API version 3, enter the User Domain Name, Project Name, and Project Domain Name.

  9. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with the OpenStack Networking instance using the provided credentials.
    2. If the OpenStack Networking instance uses SSL, the Import provider certificates window opens; click OK to import the certificate that the OpenStack Networking instance provides to ensure the Manager can communicate with the instance.
  10. Click the Agent Configuration tab.

    Warning

    The following steps are provided only as a Technology Preview. Red Hat Virtualization only supports preconfigured neutron hosts.

  11. Enter a comma-separated list of interface mappings for the Open vSwitch agent in the Interface Mappings field.
  12. Select the message broker type that the OpenStack Networking instance uses from the Broker Type list.
  13. Enter the URL or fully qualified domain name of the host on which the message broker is hosted in the Host field.
  14. Enter the Port by which to connect to the message broker. This port number will be 5762 by default if the message broker is not configured to use SSL, and 5761 if it is configured to use SSL.
  15. Enter the Username and Password of the OpenStack Networking user registered in the message broker instance.
  16. Click OK.

You have added the OpenStack Networking instance to the Red Hat Virtualization Manager. Before you can use the networks it provides, import the networks into the Manager. See Section 9.3.1, “Importing Networks From External Providers”.

14.2.4. Adding an OpenStack Block Storage (Cinder) Instance for Storage Management

Important

Using an OpenStack Block Storage (Cinder) instance for storage management is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend to use them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information on Red Hat Technology Preview features support scope, see https://access.redhat.com/support/offerings/techpreview/.

Add an OpenStack Block Storage (Cinder) instance for storage management to the Red Hat Virtualization Manager. The OpenStack Cinder volumes are provisioned by Ceph Storage.

Adding an OpenStack Block Storage (Cinder) Instance for Storage Management

  1. Click Administration Providers.
  2. Click Add and enter the details in the General Settings tab. For more information on these fields, see Section 14.2.10, “Add Provider General Settings Explained”.
  3. Enter a Name and Description.
  4. Select OpenStack Block Storage from the Type drop-down list.
  5. Select the Data Center to which OpenStack Block Storage volumes will be attached.
  6. Enter the URL or fully qualified domain name of the machine on which the OpenStack Block Storage instance is installed, followed by the port number, in the Provider URL text field.
  7. Optionally, select the Requires Authentication check box and enter the Username and Password for the OpenStack Block Storage instance user registered in Keystone. Define the authentication URL of the Keystone server by defining the Protocol (must be HTTP), Hostname, and API Port.

    Enter the Tenant for the OpenStack Block Storage instance.

  8. Click Test to test whether you can authenticate successfully with the OpenStack Block Storage instance using the provided credentials.
  9. Click OK.
  10. If client Ceph authentication (cephx) is enabled, you must also complete the following steps. The cephx protocol is enabled by default.

    1. On your Ceph server, create a new secret key for the client.cinder user using the ceph auth get-or-create command. See Cephx Configuration Reference for more information on cephx, and Managing Users for more information on creating keys for new users. If a key already exists for the client.cinder user, retrieve it using the same command.
    2. In the Administration Portal, select the newly created Cinder external provider from the Providers list.
    3. Click the Authentication Keys tab.
    4. Click New.
    5. Enter the secret key in the Value field.
    6. Copy the automatically generated UUID, or enter an existing UUID in the text field.
    7. On your Cinder server, add the UUID from the previous step and the cinder user to /etc/cinder/cinder.conf:

      rbd_secret_uuid = UUID
      rbd_user = cinder

See Section 13.6.1, “Creating a Virtual Disk” for more information about creating a OpenStack Block Storage (Cinder) disk.

14.2.5. Adding a VMware Instance as a Virtual Machine Provider

Add a VMware vCenter instance to import virtual machines from VMware to the Red Hat Virtualization Manager.

Red Hat Virtualization uses V2V to convert VMware virtual machines to the correct format before they are imported. The virt-v2v package must be installed on at least one host. The virt-v2v package is available by default on Red Hat Virtualization Hosts (RHVH) and is installed on Red Hat Enterprise Linux hosts as a dependency of VDSM when added to the Red Hat Virtualization environment. Red Hat Enterprise Linux hosts must be Red Hat Enterprise Linux 7.2 or later.

Note

The virt-v2v package is not available on ppc64le architecture; these hosts cannot be used as proxy hosts.

Adding a VMware vCenter Instance as a Virtual Machine Provider

  1. Click Administration Providers.
  2. Click Add.
  3. Enter a Name and Description.
  4. Select VMware from the Type drop-down list.
  5. Select the Data Center into which VMware virtual machines will be imported, or select Any Data Center to instead specify the destination data center during individual import operations.
  6. Enter the IP address or fully qualified domain name of the VMware vCenter instance in the vCenter field.
  7. Enter the IP address or fully qualified domain name of the host from which the virtual machines will be imported in the ESXi field.
  8. Enter the name of the data center in which the specified ESXi host resides in the Data Center field.
  9. If you have exchanged the SSL certificate between the ESXi host and the Manager, leave the Verify server’s SSL certificate check box selected to verify the ESXi host’s certificate. If not, clear the check box.
  10. Select a host in the chosen data center with virt-v2v installed to serve as the Proxy Host during virtual machine import operations. This host must also be able to connect to the network of the VMware vCenter external provider. If you selected Any Data Center above, you cannot choose the host here, but instead can specify a host during individual import operations.
  11. Enter the Username and Password for the VMware vCenter instance. The user must have access to the VMware data center and ESXi host on which the virtual machines reside.
  12. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with the VMware vCenter instance using the provided credentials.
    2. If the VMware vCenter instance uses SSL, the Import provider certificates window opens; click OK to import the certificate that the VMware vCenter instance provides to ensure the Manager can communicate with the instance.
  13. Click OK.

To import virtual machines from the VMware external provider, see Importing a Virtual Machine from a VMware Provider in the Virtual Machine Management Guide.

14.2.6. Adding a RHEL 5 Xen Host as a Virtual Machine Provider

Add a RHEL 5 Xen host to import virtual machines from Xen to Red Hat Virtualization.

Red Hat Virtualization uses V2V to convert RHEL 5 Xen virtual machines to the correct format before they are imported. The virt-v2v package must be installed on at least one host. The virt-v2v package is available by default on Red Hat Virtualization Hosts (RHVH) and is installed on Red Hat Enterprise Linux hosts as a dependency of VDSM when added to the Red Hat Virtualization environment. Red Hat Enterprise Linux hosts must be Red Hat Enterprise Linux 7.2 or later.

Note

The virt-v2v package is not available on ppc64le architecture; these hosts cannot be used as proxy hosts.

Adding a RHEL 5 Xen Instance as a Virtual Machine Provider

  1. Enable public key authentication between the proxy host and the RHEL 5 Xen host:

    1. Log in to the proxy host and generate SSH keys for the vdsm user.

      # sudo -u vdsm ssh-keygen
    2. Copy the vdsm user’s public key to the RHEL 5 Xen host. The proxy host’s known_hosts file will also be updated to include the host key of the RHEL 5 Xen host.

      # sudo -u vdsm ssh-copy-id root@xenhost.example.com
    3. Log in to the RHEL 5 Xen host to verify that the login works correctly.

      # sudo -u vdsm ssh root@xenhost.example.com
  2. Click Administration Providers.
  3. Click Add.
  4. Enter a Name and Description.
  5. Select XEN from the Type drop-down list.
  6. Select the Data Center into which Xen virtual machines will be imported, or select Any Data Center to specify the destination data center during individual import operations.
  7. Enter the URI of the RHEL 5 Xen host in the URI field.
  8. Select a host in the chosen data center with virt-v2v installed to serve as the Proxy Host during virtual machine import operations. This host must also be able to connect to the network of the RHEL 5 Xen external provider. If you selected Any Data Center above, you cannot choose the host here, but instead can specify a host during individual import operations.
  9. Click Test to test whether you can authenticate successfully with the RHEL 5 Xen host.
  10. Click OK.

To import virtual machines from a RHEL 5 Xen external provider, see Importing a Virtual Machine from a RHEL 5 Xen Host in the Virtual Machine Management Guide.

14.2.7. Adding a KVM Host as a Virtual Machine Provider

Add a KVM host to import virtual machines from KVM to Red Hat Virtualization Manager.

Adding a KVM Host as a Virtual Machine Provider

  1. Enable public key authentication between the proxy host and the KVM host:

    1. Log in to the proxy host and generate SSH keys for the vdsm user.

      # sudo -u vdsm ssh-keygen
    2. Copy the vdsm user’s public key to the KVM host. The proxy host’s known_hosts file will also be updated to include the host key of the KVM host.

      # sudo -u vdsm ssh-copy-id root@kvmhost.example.com
    3. Log in to the KVM host to verify that the login works correctly.

      # sudo -u vdsm ssh root@kvmhost.example.com
  2. Click Administration Providers.
  3. Click Add.
  4. Enter a Name and Description.
  5. Select KVM from the Type drop-down list.
  6. Select the Data Center into which KVM virtual machines will be imported, or select Any Data Center to specify the destination data center during individual import operations.
  7. Enter the URI of the KVM host in the URI field.

    qemu+ssh://root@host.example.com/system
  8. Select a host in the chosen data center to serve as the Proxy Host during virtual machine import operations. This host must also be able to connect to the network of the KVM external provider. If you selected Any Data Center in the Data Center field above, you cannot choose the host here. The field is greyed out and shows Any Host in Data Center. Instead you can specify a host during individual import operations.
  9. Optionally, select the Requires Authentication check box and enter the Username and Password for the KVM host. The user must have access to the KVM host on which the virtual machines reside.
  10. Click Test to test whether you can authenticate successfully with the KVM host using the provided credentials.
  11. Click OK.

To import virtual machines from a KVM external provider, see Importing a Virtual Machine from a KVM Host in the Virtual Machine Management Guide.

14.2.8. Adding Open Virtual Network (OVN) as an External Network Provider

Open Virtual Network (OVN) enables you to create networks without adding VLANs or changing the infrastructure. OVN is an Open vSwitch (OVS) extension that enables support for virtual networks by adding native OVS support for virtual L2 and L3 overlays.

You can either install a new OVN network provider or add an existing one.

You can also connect an OVN network to a native Red Hat Virtualization network. See Section 14.2.8.5, “Connecting an OVN Network to a Physical Network” for more information. This feature is available as a Technology Preview only.

A Neutron-like REST API is exposed by ovirt-provider-ovn, enabling you to create networks, subnets, ports, and routers (see the OpenStack Networking API v2.0 for details). These overlay networks enable communication among the virtual machines.

Note

OVN is supported as an external provider by CloudForms, using the OpenStack (Neutron) API. See Network Managers in Red Hat CloudForms: Managing Providers for details.

For more information on OVS and OVN, see the OVS documentation at http://docs.openvswitch.org/en/latest/ and http://openvswitch.org/support/dist-docs/.

14.2.8.1. Installing a New OVN Network Provider

Warning

If the openvswitch package is already installed and if the version is 1:2.6.1 (version 2.6.1, epoch 1), the OVN installation will fail when it tries to install the latest openvswitch package. See the Doc Text in BZ#1505398 for the details and a workaround.

When you install OVN using engine-setup, the following steps are automated:

  • Setting up an OVN central server on the Manager machine.
  • Adding OVN to Red Hat Virtualization as an external network provider.
  • Setting the Default cluster’s default network provider to ovirt-provider-ovn.
  • Configuring hosts to communicate with OVN when added to the cluster.

If you use a preconfigured answer file with engine-setup, you can add the following entry to install OVN:

OVESETUP_OVN/ovirtProviderOvn=bool:True

Installing a New OVN Network Provider

  1. Install OVN on the Manager using engine-setup. During the installation, engine-setup asks the following questions:

    # Install ovirt-provider-ovn(Yes, No) [Yes]?:
    • If Yes, engine-setup installs ovirt-provider-ovn. If engine-setup is updating a system, this prompt only appears if ovirt-provider-ovn has not been installed previously.
    • If No, you will not be asked again on the next run of engine-setup. If you want to see this option, run engine-setup --reconfigure-optional-components.

      # Use default credentials (admin@internal) for ovirt-provider-ovn(Yes, No) [Yes]?:

      If Yes, engine-setup uses the default engine user and password specified earlier in the setup process. This option is only available during new installations.

      # oVirt OVN provider user[admin]:
      # oVirt OVN provider password[empty]:

      You can use the default values or specify the oVirt OVN provider user and password.

      Note

      To change the authentication method later, you can edit the /etc/ovirt-provider-ovn/conf.d/10_engine_setup.conf file, or create a new /etc/ovirt-provider-ovn/conf.d/20_engine_setup.conf file. Restart the ovirt-provider-ovn service for the change to take effect. See https://github.com/oVirt/ovirt-provider-ovn/blob/master/README.adoc for more information about OVN authentication.

  2. Add hosts to the Default cluster. Hosts added to this cluster are automatically configured to communicate with OVN. To add new hosts, see Section 10.5.1, “Adding Standard Hosts to the Red Hat Virtualization Manager”.

    To configure your hosts to use an existing, non-default network, see Section 14.2.8.4, “Configuring Hosts for an OVN Tunnel Network”.

  3. Add networks to the Default cluster; see Section 9.1.2, “Creating a New Logical Network in a Data Center or Cluster” and select the Create on external provider check box. ovirt-provider-ovn is selected by default.
  4. To connect the OVN network to a native Red Hat Virtualization network, select the Connect to physical network check box and specify the Red Hat Virtualization network to use. See Section 14.2.8.5, “Connecting an OVN Network to a Physical Network” for more information and prerequisites.
  5. Define whether the network should use Security Groups from the Security Groups drop-down. For more information on the available options see Section 9.1.7, “Logical Network General Settings Explained”. You can now create virtual machines that use OVN networks.

14.2.8.2. Adding an Existing OVN Network Provider

Adding an existing OVN central server as an external network provider in Red Hat Virtualization involves the following key steps:

  • Install the OVN provider, a proxy used by the Manager to interact with OVN. The OVN provider can be installed on any machine, but must be able to communicate with the OVN central server and the Manager.
  • Add the OVN provider to Red Hat Virtualization as an external network provider.
  • Create a new cluster that uses OVN as its default network provider. Hosts added to this cluster are automatically configured to communicate with OVN.

Prerequisites

The following packages are required by the OVN provider and must be available on the provider machine:

  • openvswitch-ovn-central
  • openvswitch
  • openvswitch-ovn-common
  • python-openvswitch

If these packages are not available from the repositories already enabled on the provider machine, they can be downloaded from the OVS website: http://openvswitch.org/download/.

Adding an Existing OVN Network Provider

  1. Install and configure the OVN provider.

    1. Install the provider on the provider machine:

      # yum install ovirt-provider-ovn
    2. If you are not installing the provider on the same machine as the Manager, add the following entry to the /etc/ovirt-provider-ovn/conf.d/10_engine_setup.conf file (create this file if it does not already exist):

      [OVIRT]
      ovirt-host=https://Manager_host_name

      This is used for authentication, if authentication is enabled.

    3. If you are not installing the provider on the same machine as the OVN central server, add the following entry to the /etc/ovirt-provider-ovn/conf.d/10_engine_setup.conf file (create this file if it does not already exist):

      [OVN REMOTE]
      ovn-remote=tcp:OVN_central_server_IP:6641
    4. Open ports 9696, 6641, and 6642 in the firewall to allow communication between the OVN provider, the OVN central server, and the Manager. This can be done either manually or by adding the ovirt-provider-ovn and ovirt-provider-ovn-central services to the appropriate zone:

      # firewall-cmd --zone=ZoneName --add-service=ovirt-provider-ovn --permanent
      # firewall-cmd --zone=ZoneName --add-service=ovirt-provider-ovn-central --permanent
      # firewall-cmd --reload
    5. Start and enable the service:

      # systemctl start ovirt-provider-ovn
      # systemctl enable ovirt-provider-ovn
    6. Configure the OVN central server to listen to requests from ports 6642 and 6641:

      # ovn-sbctl set-connection ptcp:6642
      # ovn-nbctl set-connection ptcp:6641
  2. In the Administration Portal, click Administration Providers.
  3. Click Add and enter the details in the General Settings tab. For more information on these fields, see Section 14.2.10, “Add Provider General Settings Explained”.
  4. Enter a Name and Description.
  5. From the Type list, select External Network Provider.
  6. Click the Networking Plugin text box and select oVirt Network Provider for OVN from the drop-down menu.
  7. Optionally, select the Automatic Synchronization check box. This enables automatic synchronization of the external network provider with existing networks.

    Note

    Automatic synchronization is enabled by default on the ovirt-provider-ovn network provider created by the engine-setup tool.

  8. Enter the URL or fully qualified domain name of the OVN provider in the Provider URL text field, followed by the port number. If the OVN provider and the OVN central server are on separate machines, this is the URL of the provider machine, not the central server. If the OVN provider is on the same machine as the Manager, the URL can remain the default http://localhost:9696.
  9. Clear the Read-Only check box to allow creating new OVN networks from the Red Hat Virtualization Manager.
  10. Optionally, select the Requires Authentication check box and enter the Username and Password for the for the external network provider user registered in Keystone. You must also define the authentication URL of the Keystone server by defining the Protocol, Hostname, and API Port.

    Optionally, enter the Tenant for the external network provider.

    The authentication method must be configured in the /etc/ovirt-provider-ovn/conf.d/10_engine_setup.conf file (create this file if it does not already exist). Restart the ovirt-provider-ovn service for the change to take effect. See https://github.com/oVirt/ovirt-provider-ovn/blob/master/README.adoc for more information about OVN authentication.

  11. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with OVN using the provided credentials.
    2. If the OVN instance uses SSL, the Import provider certificates window opens; click OK to import the certificate that the OVN instance provides to ensure the Manager can communicate with the instance.
  12. Click OK.
  13. Create a new cluster that uses OVN as its default network provider. See Section 8.2.1, “Creating a New Cluster” and select the OVN network provider from the Default Network Provider drop-down list.
  14. Add hosts to the cluster. Hosts added to this cluster are automatically configured to communicate with OVN. To add new hosts, see Section 10.5.1, “Adding Standard Hosts to the Red Hat Virtualization Manager”.
  15. Import or add OVN networks to the new cluster. To import networks, see Importing Networks. To create new networks using OVN, see Creating a new logical network in a data center or cluster, and select the Create on external provider check box. ovirt-provider-ovn is selected by default.

    To configure your hosts to use an existing, non-default network, see Section 14.2.8.4, “Configuring Hosts for an OVN Tunnel Network”.

    To connect the OVN network to a native Red Hat Virtualization network, select the Connect to physical network check box and specify the Red Hat Virtualization network to use. See Section 14.2.8.5, “Connecting an OVN Network to a Physical Network” for more information and prerequisites.

You can now create virtual machines that use OVN networks.

14.2.8.3. Using an Ansible playbook to modify an OVN tunnel network

You can use the ovirt-provider-ovn-driver Ansible playbook to use long names to modify the tunnel network for OVN controllers.

Ansible playbook to modify an OVN tunnel network

# ansible-playbook --key-file <path_to_key_file> -i <path_to_inventory> --extra-vars " cluster_name=<cluster_name> ovn_central=<ovn_central_ip_address> ovirt_network=<ovirt network name> ovn_tunneling_interface=<vdsm_network_name>" ovirt-provider-ovn-driver.yml

Parameters

key-file
The key file to log into the host. The default key file is usually found in the /etc/pki/ovirt-engine/keys directory.
inventory
The oVirt VM inventory. To locate the inventory value, use this script: /usr/share/ovirt-engine-metrics/bin/ovirt-engine-hosts-ansible-inventory.
cluster_name
The name of the cluster on which to update the name.
ovn_central
The IP address to the OVN central server. This IP address must be accessible to all hosts.
ovirt_network
The oVirt network name.
ovn_tunneling_interface
The VDSM network name.
Note

The ovirt-provider-ovn-driver Ansible playbook supports using either the ovirt_network parameter or the ovn_tunneling_interface parameter. This playbook fails if both parameters are present in the same playbook.

Playbook with ovirt_network parameter

# ansible-playbook --key-file /etc/pki/ovirt-engine/keys/engine_id_rsa -i /usr/share/ovirt-engine-metrics/bin/ovirt-engine-hosts-ansible-inventory --extra-vars " cluster_name=test-cluster ovn_central=192.168.200.2 ovirt_network=\"Long\ Network\ Name\ with\ \Ascii\ character\ \☺\"" ovirt-provider-ovn-driver.yml

Playbook with ovn_tunneling_interface parameter

# ansible-playbook --key-file /etc/pki/ovirt-engine/keys/engine_id_rsa -i /usr/share/ovirt-engine-metrics/bin/ovirt-engine-hosts-ansible-inventory --extra-vars " cluster_name=test-cluster ovn_central=192.168.200.2 ovn_tunneling_interface=on703ea21ddbc34" ovirt-provider-ovn-driver.yml

On the Manager machine, navigate to the /usr/share/ovirt-engine/playbooks directory to run the Ansible playbooks.

14.2.8.4. Configuring Hosts for an OVN Tunnel Network

You can configure your hosts to use an existing network, other than the default ovirtmgmt network, with the ovirt-provider-ovn-driver Ansible playbook. The network must be accessible to all the hosts in the cluster.

Note

The ovirt-provider-ovn-driver Ansible playbook updates existing hosts. If you add new hosts to the cluster, you must run the playbook again.

Configuring Hosts for an OVN Tunnel Network

  1. On the Manager machine, go to the playbooks directory:

    # cd /usr/share/ovirt-engine/playbooks
  2. Run the ansible-playbook command with the following parameters:

    # ansible-playbook --private-key=/etc/pki/ovirt-engine/keys/engine_id_rsa -i /usr/share/ovirt-engine-metrics/bin/ovirt-engine-hosts-ansible-inventory --extra-vars " cluster_name=Cluster_Name ovn_central=OVN_Central_IP ovn_tunneling_interface=VDSM_Network_Name" ovirt-provider-ovn-driver.yml

    For example:

    # ansible-playbook --private-key=/etc/pki/ovirt-engine/keys/engine_id_rsa -i /usr/share/ovirt-engine-metrics/bin/ovirt-engine-hosts-ansible-inventory --extra-vars " cluster_name=MyCluster ovn_central=192.168.0.1 ovn_tunneling_interface=MyNetwork" ovirt-provider-ovn-driver.yml
    Note

    The OVN_Central_IP can be on the new network, but this is not a requirement. The OVN_Central_IP must be accessible to all hosts.

    The VDSM_Network_Name is limited to 15 characters. If you defined a logical network name that was longer than 15 characters or contained non-ASCII characters, a 15-character name is automatically generated. See Mapping VDSM Names to Logical Network Names for instructions on displaying a mapping of these names.

Updating the OVN Tunnel Network on a Single Host

You can update the OVN tunnel network on a single host with vdsm-tool:

# vdsm-tool ovn-config OVN_Central_IP Tunneling_IP_or_Network_Name

Example 14.1. Updating a Host with vdsm-tool

# vdsm-tool ovn-config 192.168.0.1 MyNetwork

14.2.8.5. Connecting an OVN Network to a Physical Network

Important

This feature relies on Open vSwitch support, which is available only as a Technology Preview in Red Hat Virtualization. Technology Preview features are not supported with Red Hat production service level agreements (SLAs), might not be functionally complete, and Red Hat does not recommend using them for production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process.

For more information on Red Hat Technology Preview features support scope, see https://access.redhat.com/support/offerings/techpreview/.

You can create an external provider network that overlays a native Red Hat Virtualization network so that the virtual machines on each appear to be sharing the same subnet.

Important

If you created a subnet for the OVN network, a virtual machine using that network will receive an IP address from there. If you want the physical network to allocate the IP address, do not create a subnet for the OVN network.

Prerequisites

  • The cluster must have OVS selected as the Switch Type. Hosts added to this cluster must not have any pre-existing Red Hat Virtualization networks configured, such as the ovirtmgmt bridge.
  • The physical network must be available on the hosts. You can enforce this by setting the physical network as required for the cluster (in the Manage Networks window, or the Cluster tab of the New Logical Network window).

Creating a New External Network Connected to a Physical Network

  1. Click Compute Clusters.
  2. Click the cluster’s name to open the details view.
  3. Click the Logical Networks tab and click Add Network.
  4. Enter a Name for the network.
  5. Select the Create on external provider check box. ovirt-provider-ovn is selected by default.
  6. Select the Connect to physical network check box if it is not already selected by default.
  7. Choose the physical network to connect the new network to:

    • Click the Data Center Network radio button and select the physical network from the drop-down list. This is the recommended option.
    • Click the Custom radio button and enter the name of the physical network. If the physical network has VLAN tagging enabled, you must also select the Enable VLAN tagging check box and enter the physical network’s VLAN tag.

      Important

      The physical network’s name must not be longer than 15 characters, or contain special characters.

  8. Click OK.

14.2.9. Adding an External Network Provider

Any network provider that implements the OpenStack Neutron REST API can be added to Red Hat Virtualization. The virtual interface driver needs to be provided by the implementer of the external network provider. A reference implementation of a network provider and a virtual interface driver are available at https://github.com/mmirecki/ovirt-provider-mock and https://github.com/mmirecki/ovirt-provider-mock/blob/master/docs/driver_instalation.

Adding an External Network Provider for Network Provisioning

  1. Click Administration Providers.
  2. Click Add and enter the details in the General Settings tab. For more information on these fields, see Section 14.2.10, “Add Provider General Settings Explained”.
  3. Enter a Name and Description.
  4. Select External Network Provider from the Type drop-down list.
  5. Optionally, click the Networking Plugin text box and select the appropriate driver from the drop-down menu.
  6. Optionally, select the Automatic Synchronization check box. This enables automatic synchronization of the external network provider with existing networks. This feature is disabled by default when adding external network providers.

    Note

    Automatic synchronization is enabled by default on the ovirt-provider-ovn network provider created by the engine-setup tool.

  7. Enter the URL or fully qualified domain name of the machine on which the external network provider is installed in the Provider URL text field, followed by the port number. The Read-Only check box is selected by default. This prevents users from modifying the external network provider.

    Important

    You must leave the Read-Only check box selected for your setup to be supported by Red Hat.

  8. Optionally, select the Requires Authentication check box and enter the Username and Password for the external network provider user registered in Keystone. You must also define the authentication URL of the Keystone server by defining the Protocol, Hostname, and API Port.

    Optionally, enter the Tenant for the external network provider.

  9. Test the credentials:

    1. Click Test to test whether you can authenticate successfully with the external network provider using the provided credentials.
    2. If the external network provider uses SSL, the Import provider certificates window opens; click OK to import the certificate that the external network provider provides to ensure the Manager can communicate with the instance.
  10. Click OK.

Before you can use networks from this provider, you must install the virtual interface driver on the hosts and import the networks. To import networks, see Section 9.3.1, “Importing Networks From External Providers”.

14.2.10. Add Provider General Settings Explained

The General tab in the Add Provider window allows you to register the core details of the external provider.

Table 14.1. Add Provider: General Settings
SettingExplanation

Name

A name to represent the provider in the Manager.

Description

A plain text, human-readable description of the provider.

Type

The type of external provider. Changing this setting alters the available fields for configuring the provider.

Foreman/Satellite

  • Provider URL: The URL or fully qualified domain name of the machine that hosts the Satellite instance. You do not need to add the port number to the end of the URL or fully qualified domain name.
  • Requires Authentication: Allows you to specify whether authentication is required for the provider. Authentication is mandatory when Foreman/Satellite is selected.
  • Username: A user name for connecting to the Satellite instance. This user name must be the user name used to log in to the provisioning portal on the Satellite instance.
  • Password: The password against which the above user name is to be authenticated. This password must be the password used to log in to the provisioning portal on the Satellite instance.

OpenStack Image

  • Provider URL: The URL or fully qualified domain name of the machine on which the OpenStack Image service is hosted. You must add the port number for the OpenStack Image service to the end of the URL or fully qualified domain name. By default, this port number is 9292.
  • Requires Authentication: Allows you to specify whether authentication is required to access the OpenStack Image service.
  • Username: A user name for connecting to the Keystone server. This user name must be the user name for the OpenStack Image service registered in the Keystone instance of which the OpenStack Image service is a member.
  • Password: The password against which the above user name is to be authenticated. This password must be the password for the OpenStack Image service registered in the Keystone instance of which the OpenStack Image service is a member.
  • Protocol: The protocol used to communicate with the Keystone server. This must be set to HTTP.
  • Hostname: The IP address or hostname of the Keystone server.
  • API port: The API port number of the Keystone server.
  • API Version: The version of the Keystone service. The value is v2.0 and the field is disabled.
  • Tenant Name: The name of the OpenStack tenant of which the OpenStack Image service is a member.

OpenStack Networking

  • Networking Plugin: The networking plugin with which to connect to the OpenStack Networking server. For OpenStack Networking, Open vSwitch is the only option, and is selected by default.
  • Automatic Synchronization: Allows you to specify whether the provider will be automatically synchronized with existing networks.
  • Provider URL: The URL or fully qualified domain name of the machine on which the OpenStack Networking instance is hosted. You must add the port number for the OpenStack Networking instance to the end of the URL or fully qualified domain name. By default, this port number is 9696.
  • Read Only: Allows you to specify whether the OpenStack Networking instance can be modified from the Administration Portal.
  • Requires Authentication: Allows you to specify whether authentication is required to access the OpenStack Networking service.
  • Username: A user name for connecting to the OpenStack Networking instance. This user name must be the user name for OpenStack Networking registered in the Keystone instance of which the OpenStack Networking instance is a member.
  • Password: The password against which the above user name is to be authenticated. This password must be the password for OpenStack Networking registered in the Keystone instance of which the OpenStack Networking instance is a member.
  • Protocol: The protocol used to communicate with the Keystone server. The default is HTTPS.
  • Hostname: The IP address or hostname of the Keystone server.
  • API port: The API port number of the Keystone server.
  • API Version: The version of the Keystone server. This appears in the URL. If v2.0 appears, select v2.0. If v3 appears select v3.

The following fields appear when you select v3 from the API Version field:

  • User Domain Name: The name of the user defined in the domain.

    With Keystone API v3, domains are used to determine administrative boundaries of service entities in OpenStack. Domains allow you to group users together for various purposes, such as setting domain-specific configuration or security options. For more information, see OpenStack Identity (keystone) in the Red Hat OpenStack Platform Architecture Guide.

  • Project Name: Defines the project name for OpenStack Identity API v3.
  • Project Domain Name: Defines the project’s domain name for OpenStack Identity API v3.

The following field appears when you select v2.0 from the API Version field:

  • Tenant Name: Appears only when v2 is selected from the API Version field. The name of the OpenStack tenant of which the OpenStack Networking instance is a member.

OpenStack Volume

  • Data Center: The data center to which OpenStack Volume storage volumes will be attached.
  • Provider URL: The URL or fully qualified domain name of the machine on which the OpenStack Volume instance is hosted. You must add the port number for the OpenStack Volume instance to the end of the URL or fully qualified domain name. By default, this port number is 8776.
  • Requires Authentication: Allows you to specify whether authentication is required to access the OpenStack Volume service.
  • Username: A user name for connecting to the Keystone server. This user name must be the user name for OpenStack Volume registered in the Keystone instance of which the OpenStack Volume instance is a member.
  • Password: The password against which the above user name is to be authenticated. This password must be the password for OpenStack Volume registered in the Keystone instance of which the OpenStack Volume instance is a member.
  • Protocol: The protocol used to communicate with the Keystone server. This must be set to HTTP.
  • Hostname: The IP address or hostname of the Keystone server.
  • API port: The API port number of the Keystone server.
  • API Version: The version of the Keystone server. The value is v2.0 and the field is disabled.
  • Tenant Name: The name of the OpenStack tenant of which the OpenStack Volume instance is a member.

VMware

  • Data Center: Specify the data center into which VMware virtual machines will be imported, or select Any Data Center to specify the destination data center during individual import operations (using the Import function in the Virtual Machines tab).
  • vCenter: The IP address or fully qualified domain name of the VMware vCenter instance.
  • ESXi: The IP address or fully qualified domain name of the host from which the virtual machines will be imported.
  • Data Center: The name of the data center in which the specified ESXi host resides.
  • Cluster: The name of the cluster in which the specified ESXi host resides.
  • Verify server’s SSL certificate: Specify whether the ESXi host’s certificate will be verified on connection.
  • Proxy Host: Select a host in the chosen data center with virt-v2v installed to serve as the host during virtual machine import operations. This host must also be able to connect to the network of the VMware vCenter external provider. If you selected Any Data Center, you cannot choose the host here, but can specify a host during individual import operations (using the Import function in the Virtual Machines tab).
  • Username: A user name for connecting to the VMware vCenter instance. The user must have access to the VMware data center and ESXi host on which the virtual machines reside.
  • Password: The password against which the above user name is to be authenticated.

RHEL 5 Xen

  • Data Center: Specify the data center into which Xen virtual machines will be imported, or select Any Data Center to instead specify the destination data center during individual import operations (using the Import function in the Virtual Machines tab).
  • URI: The URI of the RHEL 5 Xen host.
  • Proxy Host: Select a host in the chosen data center with virt-v2v installed to serve as the host during virtual machine import operations. This host must also be able to connect to the network of the RHEL 5 Xen external provider. If you selected Any Data Center, you cannot choose the host here, but instead can specify a host during individual import operations (using the Import function in the Virtual Machines tab).

KVM

  • Data Center: Specify the data center into which KVM virtual machines will be imported, or select Any Data Center to instead specify the destination data center during individual import operations (using the Import function in the Virtual Machines tab).
  • URI: The URI of the KVM host.
  • Proxy Host: Select a host in the chosen data center to serve as the host during virtual machine import operations. This host must also be able to connect to the network of the KVM external provider. If you selected Any Data Center, you cannot choose the host here, but instead can specify a host during individual import operations (using the Import function in the Virtual Machines tab).
  • Requires Authentication: Allows you to specify whether authentication is required to access the KVM host.
  • Username: A user name for connecting to the KVM host.
  • Password: The password against which the above user name is to be authenticated.

External Network Provider

  • Networking Plugin: Determines which implementation of the driver will be used on the host to handle NIC operations. If an external network provider with the oVirt Network Provider for OVN plugin is added as the default network provider for a cluster, this also determines which driver will be installed on hosts added to the cluster.
  • Automatic Synchronization: Allows you to specify whether the provider will be automatically synchronized with existing networks.
  • Provider URL: The URL or fully qualified domain name of the machine on which the external network provider is hosted. You must add the port number for the external network provider to the end of the URL or fully qualified domain name. By default, this port number is 9696.
  • Read Only: Allows you to specify whether the external network provider can be modified from the Administration Portal.
  • Requires Authentication: Allows you to specify whether authentication is required to access the external network provider.
  • Username: A user name for connecting to the external network provider. If you are authenticating with Active Directory, the user name must be in the format of username@domain@auth_profile instead of the default username@domain.
  • Password: The password against which the above user name is to be authenticated.
  • Protocol: The protocol used to communicate with the Keystone server. The default is HTTPS.
  • Hostname: The IP address or hostname of the Keystone server.
  • API port: The API port number of the Keystone server.
  • API Version: The version of the Keystone server. The value is v2.0 and the field is disabled.
  • Tenant Name: Optional. The name of the tenant of which the external network provider is a member.

Test

Allows users to test the specified credentials. This button is available to all provider types.

14.2.11. Add Provider Agent Configuration Settings Explained

The Agent Configuration tab in the Add Provider window allows users to register details for networking plugins. This tab is only available for the OpenStack Networking provider type.

Table 14.2. Add Provider: Agent Configuration Settings
SettingExplanation

Interface Mappings

A comma-separated list of mappings in the format of label:interface.

Broker Type

The message broker type that the OpenStack Networking instance uses. Select RabbitMQ or Qpid.

Host

The URL or fully qualified domain name of the machine on which the message broker is installed.

Port

The remote port by which a connection with the above host is to be made. By default, this port is 5762 if SSL is not enabled on the host, and 5761 if SSL is enabled.

Username

A user name for authenticating the OpenStack Networking instance with the above message broker. By default, this user name is neutron.

Password

The password against which the above user name is to be authenticated.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.