Hi Dimitri, I couldn't quite understand what you have done. And couldn't find the attachment too.
-Georgy On Thu, Aug 2, 2012 at 10:54 AM, Mani Shafa'atDoost <[email protected]>wrote: > Hi Dimitri, > > I had some difficulties to understand what are you going to do. But, as far > as I understood, you are planing to add more than 2 NICs on each VM( > depends on preconfigured network information) and then assign these NICs to > special VLAN group. > I was thinking to use the same method but there are some problem of using > of just VLans: > 1. You can't make a communication between two VMs which are located over > the router by using Vlan. > 2. You can't control traffic and make special rules for traffic of each VM. > 3. This solution isn't extendable if you want to extend VCL in near future. > So I came with the following solution : > http://users.cis.fiu.edu/~mshaf012/pdf/OpenVswitch.pdf > > BTW, I can't see your attachment, it would be better to upload it > somewhere. > > Best Regards > Mani > > On Thu, Aug 2, 2012 at 10:29 AM, Dmitri Chebotarov <[email protected]> > wrote: > > > Hi > > > > I would like to share a method of adding custom networks per a VCL image. > > This solution is based on the code already present in VCL. > > > > This solution is not end-user/student oriented. There is no option to > > specify networks during reservation. > > Network(s) and VM hosts needs to be preconfigured before custom networks > > can be used. > > Switch Local VLAN IDs can be used to create isolated networks for VCL. > > Global VLAN IDs can be used to give VCL reservations access to different > > networks. > > > > Isolated network use example would be a security class where malicious > > traffic needs to be generated and analyzed. Running such class on > > public/private VCL network is not desirable, so an isolated VCL network > can > > be used in this case. In case with isolated networks a DHCP server needs > to > > be present to provide IP addresses on isolated networks. The DHCP server > > can be part of VCL infrastructure or be a very-long-term server > reservation > > (the new feature in VCL 2.3). > > > > Global use example would be a VCL reservation which needs access to a > > department network or lab environment. It allows to connect VCL > > reservations to existing infrastructure. > > > > It's different from CS/OS implementation as it doesn't give any control > > over networking to end-user, hence no security concerns about VCL > end-users > > getting unwanted access to a custom network(s). > > Since custom network(s) is part of the image properties, only > groups/users > > who allowed to make reservation based on the image will have access to > > specified networks. > > > > Below is PDF file with code changes. I've tested it in sandbox env and it > > seems to be working well. > > > > > > > > > > Thanks. > > > > On Jul 31, 2012, at 13:16 , Mani Shafa'atDoost <[email protected]> > > wrote: > > > > > Hi Dmitri, > > > > > > This seems interesting to me. I am planing to do a contribution on VCL > > > project which allow you to make a network topology of VMs and load this > > > topology instead of one VM. For this reason I need to add more NIC on > > some > > > images and also I need to make a mechanism for this communication. > > > I have read a lot about this and I think the best option is using Open > > > Vswitch on VCL which has a strong support on networking part and allow > > you > > > to do many things on network side. Currently I am making some documents > > and > > > I will post it here. I would be happy to see some other people from > this > > > group to work on networking part. > > > > > > > > > On Tue, Jul 31, 2012 at 12:55 PM, Dmitri Chebotarov <[email protected] > > >wrote: > > > > > >> Hi > > >> > > >> Looks like VMware.pm already has a code to add custom networking based > > on > > >> project name: > > >> > > >> # Add additional Ethernet interfaces if the image project name > is > > >> not vcl > > >> if ($image_project !~ /^vcl$/i && > > >> $self->api->can('get_network_names')) { > > >> notify($ERRORS{'DEBUG'}, 0, "image project is: > > >> $image_project, checking if additional network adapters should be > > >> configured"); > > >> > > >> # Get a list of all the network names configured on the > > >> VMware host > > >> my @network_names = $self->api->get_network_names(); > > >> notify($ERRORS{'DEBUG'}, 0, "retrieved network names > > >> configured on the VM host: " . join(", ", @network_names)); > > >> > > >> # Check each network name > > >> # Begin the index at 2 for additional interfaces added > > >> because ethernet0 and ethernet1 have already been added > > >> for my $network_name (@network_names) { > > >> if ($network_name =~ /$image_project/i || > > >> $image_project =~ /$network_name/i) { > > >> notify($ERRORS{'DEBUG'}, 0, "network > name > > >> ($network_name) and image project name ($image_project) intersect, > > adding > > >> network interface to VM for network $network_name"); > > >> %vmx_parameters = (%vmx_parameters, > > >> %{$self->get_generated_ethernet_vmx_definition($interface_index, > > >> $network_name)}); > > >> $interface_index++; > > >> } > > >> else { > > >> notify($ERRORS{'DEBUG'}, 0, "network > name > > >> ($network_name) and image project name ($image_project) do not > > intersect, > > >> network interface will not be added to VM for network $network_name"); > > >> } > > >> } > > >> > > >> } > > >> else { > > >> notify($ERRORS{'DEBUG'}, 0, "image project is: > > >> $image_project, additional network adapters will not be configured"); > > >> } > > >> > > >> By default all image has project as 'vcl'. > > >> Currently project name can only be in ('vcl','hpc','vclhpc'). > > >> Will it be OK to remove ENUM on project column, create corresponding > > >> additional networks on ESXi servers and use this option to add custom > > >> networks? > > >> > > >> I've also tested how additional VM networks in Virtual Host profile > > work. > > >> Once I configured profile with additional networks, these networks are > > >> added to each reservation which starts on corresponding VM host. > > >> This may not be what I'm looking for, as I don't need all these > networks > > >> on each image. > > >> > > >> Thank you. > > >> > > >> On Jul 31, 2012, at 11:39 , Dmitri Chebotarov <[email protected]> > wrote: > > >> > > >>> Hi > > >>> > > >>> VCL 2.3 has added two more VM Networks in Virtual Host profile. > > >>> Can I use these networks (all at once or selectively) in images? > > >>> > > >>> I'm looking to add custom network interface to a Linux image (in > > >> addition to default Private/Public). > > >>> > > >>> -- > > >>> Thank you, > > >>> > > >>> Dmitri Chebotarov > > >>> Virtual Computing Lab Systems Engineer, TSD - Ent Servers & Messaging > > >>> 223 Aquia Building, Ffx, MSN: 1B5 > > >>> Phone: (703) 993-6175 > > >>> Fax: (703) 993-3404 > > >>> > > >>> > > >>> > > >>> > > >> > > >> > > >> > > >> -- > > >> Thank you, > > >> > > >> Dmitri Chebotarov > > >> Virtual Computing Lab Systems Engineer, TSD - Ent Servers & Messaging > > >> 223 Aquia Building, Ffx, MSN: 1B5 > > >> Phone: (703) 993-6175 > > >> Fax: (703) 993-3404 > > >> > > >> > > >> > > >> > > >> > > > > > > > > > -- > > > Best Regards > > > Mani > > > > > > > > -- > > Thank you, > > > > Dmitri Chebotarov > > Virtual Computing Lab Systems Engineer, TSD - Ent Servers & Messaging > > 223 Aquia Building, Ffx, MSN: 1B5 > > Phone: (703) 993-6175 > > Fax: (703) 993-3404 > > > > > > > > > > > > > > > -- > Best Regards > Mani >
