[ovirt-users] Re: Can't migrate over migration network
I set a migration network today. At first I could not ping the other machines, but then I realized the vlan was a tagged vlan in ovirt. I changed the switch ports to general and tagged them and it worked. I don't know your network or config, but thought I would pass this along. If you have a vlan configured in ovirt, the ports attaching to that network card have to be tagged, not un-tagged. Not sure if this will help but wanted to pass it along. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/S6V7AYUADFZZYH4XHQ4DGRH4GYKZQGLK/
[ovirt-users] Re: oVirt thrashes Docker network during installation
I'm with you Thomas. I was looking for a way to cluster my kvm's. Ovirt to the rescue. It has been a bit of a learning curve, but well worth the effort. Thanks Ovirt team. Eric Evans Digital Data Services LLC. 304.660.9080 -Original Message- From: tho...@hoberg.net Sent: Sunday, April 12, 2020 2:15 PM To: users@ovirt.org Subject: [ovirt-users] Re: oVirt thrashes Docker network during installation The general idea was, that with oVirt I'd get a little more automation and benefits than with just using VirtualBox as a GUI for KVMs. Boy did I underestimate the amount of intellectual investment for the first value return. Turned out quite a bit bigger than vSphere, but much more intriguing, because after all: The code was all there! I got hooked... beyond reasonble, perhaps. With Openstack they jury has come back a long time ago: Unless you're willing to sacrifice a double digit team for a year or three, don't go near it. Three node HCI oVirt just looked like a tight little project with plenty of expandability... sigh! ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/VTLWH3UKDDOBHXHAQPN5UADWTPZ2KYED/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/V2GJNXEZYHVDYTKVXQK3I45VBKVRERGL/
[ovirt-users] Re: oVirt thrashes Docker network during installation
On April 12, 2020 9:54:15 PM GMT+03:00, Arman Khalatyan wrote: >i think it wouldn't work out of box >ovirt will overwrite all your routes and network. you might try to tell >ovirt do jot maintain the network of a interface where you got a docker >and >also add custom rules in the firewall ports template on the engine. > > > schrieb am So., 12. Apr. 2020, 15:51: > >> I want to run containers and VMs side by side and not necessarily >nested. >> The main reason for that is GPUs, Voltas mostly, used for CUDA >machine >> learning not for VDI, which is what most of the VM orchestrators like >oVirt >> or vSphere seem to focus on. And CUDA drivers are notorious for >refusing to >> work under KVM unless you pay $esla. >> >> oVirt is more of a side show in my environment, used to run some >smaller >> functional VMs alongside bigger containers, but also in order to >> consolidate and re-distribute the local compute node storage as a >Gluster >> storage pool: Kibbutz storage and compute, if you want, very much how >I >> understand the HCI philosophy behind oVirt. >> >> The full integration of containers and VMs is still very much on the >> roadmap I believe, but I was surprised to see that even co-existence >seems >> to be a problem currently. >> >> So I set-up a 3-node HCI on CentOS7 (GPU-less and older) hosts and >then >> added additional (beefier GPGPU) CentOS7 hosts, that have been >running CUDA >> workloads on the latest Docker-CE v19 something. >> >> The installation works fine, I can migrate VMs to these extra hosts >etc., >> but to my dismay Docker containers on these hosts lose access to the >local >> network, that is the entire subnet the host is in. For some strange >reason >> I can still ping Internet hosts, perhaps even everything behind the >host's >> gateway, but local connections are blocked. >> >> It would seem that the ovritmgmt network that the oVirt installation >puts >> in breaks the docker0 bridge that Docker put there first. >> >> I'd consider that a bug, but I'd like to gather some feedback first, >if >> anyone else has run into this problem. >> >> I've repeated this several times in completely distinct environments >with >> the same results: >> >> Simply add a host with a working Docker-CE as an oVirt host to an >existing >> DC/cluster and then try if you can still ping anyone on that net, >including >> the Docker host from a busybox container afterwards (should try that >ping >> just before you actually add it). >> >> No, I didn't try this with podman yet, because that's separate >challenge >> with CUDA: Would love to know if that is part of QA for oVirt >already. >> ___ >> Users mailing list -- users@ovirt.org >> To unsubscribe send an email to users-le...@ovirt.org >> Privacy Statement: https://www.ovirt.org/privacy-policy.html >> oVirt Code of Conduct: >> https://www.ovirt.org/community/about/community-guidelines/ >> List Archives: >> >https://lists.ovirt.org/archives/list/users@ovirt.org/message/WKLB3IAN7FJUHZOPMUGK57Y3YUJ6NM5Q/ >> Actually I think I got an idea. Vdsm hooks can be used to do some stuff before/after somwthing happens. So you can create your oqn script to configure docker network after the network was initiated by vdsm. I think implementation will be fairly easy. Best Regards, Strahil Nikolov ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/T74TSSU7PE72JMZ3O4EMKQBR4UFCYF46/
[ovirt-users] Re: oVirt thrashes Docker network during installation
i think it wouldn't work out of box ovirt will overwrite all your routes and network. you might try to tell ovirt do jot maintain the network of a interface where you got a docker and also add custom rules in the firewall ports template on the engine. schrieb am So., 12. Apr. 2020, 15:51: > I want to run containers and VMs side by side and not necessarily nested. > The main reason for that is GPUs, Voltas mostly, used for CUDA machine > learning not for VDI, which is what most of the VM orchestrators like oVirt > or vSphere seem to focus on. And CUDA drivers are notorious for refusing to > work under KVM unless you pay $esla. > > oVirt is more of a side show in my environment, used to run some smaller > functional VMs alongside bigger containers, but also in order to > consolidate and re-distribute the local compute node storage as a Gluster > storage pool: Kibbutz storage and compute, if you want, very much how I > understand the HCI philosophy behind oVirt. > > The full integration of containers and VMs is still very much on the > roadmap I believe, but I was surprised to see that even co-existence seems > to be a problem currently. > > So I set-up a 3-node HCI on CentOS7 (GPU-less and older) hosts and then > added additional (beefier GPGPU) CentOS7 hosts, that have been running CUDA > workloads on the latest Docker-CE v19 something. > > The installation works fine, I can migrate VMs to these extra hosts etc., > but to my dismay Docker containers on these hosts lose access to the local > network, that is the entire subnet the host is in. For some strange reason > I can still ping Internet hosts, perhaps even everything behind the host's > gateway, but local connections are blocked. > > It would seem that the ovritmgmt network that the oVirt installation puts > in breaks the docker0 bridge that Docker put there first. > > I'd consider that a bug, but I'd like to gather some feedback first, if > anyone else has run into this problem. > > I've repeated this several times in completely distinct environments with > the same results: > > Simply add a host with a working Docker-CE as an oVirt host to an existing > DC/cluster and then try if you can still ping anyone on that net, including > the Docker host from a busybox container afterwards (should try that ping > just before you actually add it). > > No, I didn't try this with podman yet, because that's separate challenge > with CUDA: Would love to know if that is part of QA for oVirt already. > ___ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/WKLB3IAN7FJUHZOPMUGK57Y3YUJ6NM5Q/ > ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/PR6N6XRBBSEFD3KIQUHXVDGEE52F4SVV/
[ovirt-users] Re: oVirt thrashes Docker network during installation
The general idea was, that with oVirt I'd get a little more automation and benefits than with just using VirtualBox as a GUI for KVMs. Boy did I underestimate the amount of intellectual investment for the first value return. Turned out quite a bit bigger than vSphere, but much more intriguing, because after all: The code was all there! I got hooked... beyond reasonble, perhaps. With Openstack they jury has come back a long time ago: Unless you're willing to sacrifice a double digit team for a year or three, don't go near it. Three node HCI oVirt just looked like a tight little project with plenty of expandability... sigh! ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/VTLWH3UKDDOBHXHAQPN5UADWTPZ2KYED/
[ovirt-users] Re: oVirt thrashes Docker network during installation
On April 12, 2020 7:36:23 PM GMT+03:00, tho...@hoberg.net wrote: >Hi Strahil, > >color me surprised, too, especially considering where things are >supposed to go in terms of roadmap. > >Yet again, both oVIrt and Docker could be excused to think that they >"own the hardware" they are running on, because it's a rather natural >assumption, even if there are good reasons to run VMs and containers >side-by-side as well as nested. > >Yes, I believe, I have also done the reverse, put Docker on a system >that was already running as oVirt compute host and it wasn't with >better results, either. The biggest challenge is to repairing the node, >without having to re-install the whole thing and I have gone through >quite a few wobbles there, with colleagues who weren't too appreciative >of having their ML jobs fail (those tend to be rather lenghty...) > >I've managed to get CUDA work on KVM VMs twiddling the XML config files >in these ways documented on the Web. But with oVirt those KVM XML >config files get generated on the fly in Python and I'd have to fiddle >with the code which does that. > >Actually I *did* try doing that at one point in time about a year or >two ago, but I never found the right place, where that code actually >was taken from. You see, there are copies of that code on every node, >but also on the management engine. And you know how Ansible squirts >code from machine to machine to do its magic, so that's were I stopped >at one point, because running ML workloads containerized was more >natural anyway and I was happy to have CPU-only VMs at their side. > >Besides GPU access also disables live-migration and the abillity to >move these long-running functional VMs around to manage resources for >ML jobs is exactly what attracts me to oVirt. > >Currently I am mostly probing around here, to see if what I try would >be considered totally esoteric or irresponsible or if it's worth >reporting as a bug. >___ >Users mailing list -- users@ovirt.org >To unsubscribe send an email to users-le...@ovirt.org >Privacy Statement: https://www.ovirt.org/privacy-policy.html >oVirt Code of Conduct: >https://www.ovirt.org/community/about/community-guidelines/ >List Archives: >https://lists.ovirt.org/archives/list/users@ovirt.org/message/6S7VBHOMI76RYRCXJQPRH55KUZ4CWDOP/ Actually, Is this a bug or not ... I have no idea. Have you checked if Openstack is your thing in case oVirt cannot cover your needs? Best Regards, Strahil Nikolov ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/CL7UIBAGYV66RCLZ7E3YHVOZPKLJDODA/
[ovirt-users] Re: oVirt thrashes Docker network during installation
Hi Strahil, color me surprised, too, especially considering where things are supposed to go in terms of roadmap. Yet again, both oVIrt and Docker could be excused to think that they "own the hardware" they are running on, because it's a rather natural assumption, even if there are good reasons to run VMs and containers side-by-side as well as nested. Yes, I believe, I have also done the reverse, put Docker on a system that was already running as oVirt compute host and it wasn't with better results, either. The biggest challenge is to repairing the node, without having to re-install the whole thing and I have gone through quite a few wobbles there, with colleagues who weren't too appreciative of having their ML jobs fail (those tend to be rather lenghty...) I've managed to get CUDA work on KVM VMs twiddling the XML config files in these ways documented on the Web. But with oVirt those KVM XML config files get generated on the fly in Python and I'd have to fiddle with the code which does that. Actually I *did* try doing that at one point in time about a year or two ago, but I never found the right place, where that code actually was taken from. You see, there are copies of that code on every node, but also on the management engine. And you know how Ansible squirts code from machine to machine to do its magic, so that's were I stopped at one point, because running ML workloads containerized was more natural anyway and I was happy to have CPU-only VMs at their side. Besides GPU access also disables live-migration and the abillity to move these long-running functional VMs around to manage resources for ML jobs is exactly what attracts me to oVirt. Currently I am mostly probing around here, to see if what I try would be considered totally esoteric or irresponsible or if it's worth reporting as a bug. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/6S7VBHOMI76RYRCXJQPRH55KUZ4CWDOP/
[ovirt-users] Re: oVirt thrashes Docker network during installation
On April 12, 2020 4:49:51 PM GMT+03:00, tho...@hoberg.net wrote: >I want to run containers and VMs side by side and not necessarily >nested. The main reason for that is GPUs, Voltas mostly, used for CUDA >machine learning not for VDI, which is what most of the VM >orchestrators like oVirt or vSphere seem to focus on. And CUDA drivers >are notorious for refusing to work under KVM unless you pay $esla. > >oVirt is more of a side show in my environment, used to run some >smaller functional VMs alongside bigger containers, but also in order >to consolidate and re-distribute the local compute node storage as a >Gluster storage pool: Kibbutz storage and compute, if you want, very >much how I understand the HCI philosophy behind oVirt. > >The full integration of containers and VMs is still very much on the >roadmap I believe, but I was surprised to see that even co-existence >seems to be a problem currently. > >So I set-up a 3-node HCI on CentOS7 (GPU-less and older) hosts and then >added additional (beefier GPGPU) CentOS7 hosts, that have been running >CUDA workloads on the latest Docker-CE v19 something. > >The installation works fine, I can migrate VMs to these extra hosts >etc., but to my dismay Docker containers on these hosts lose access to >the local network, that is the entire subnet the host is in. For some >strange reason I can still ping Internet hosts, perhaps even everything >behind the host's gateway, but local connections are blocked. > >It would seem that the ovritmgmt network that the oVirt installation >puts in breaks the docker0 bridge that Docker put there first. > >I'd consider that a bug, but I'd like to gather some feedback first, if >anyone else has run into this problem. > >I've repeated this several times in completely distinct environments >with the same results: > >Simply add a host with a working Docker-CE as an oVirt host to an >existing DC/cluster and then try if you can still ping anyone on that >net, including the Docker host from a busybox container afterwards >(should try that ping just before you actually add it). > >No, I didn't try this with podman yet, because that's separate >challenge with CUDA: Would love to know if that is part of QA for oVirt >already. >___ >Users mailing list -- users@ovirt.org >To unsubscribe send an email to users-le...@ovirt.org >Privacy Statement: https://www.ovirt.org/privacy-policy.html >oVirt Code of Conduct: >https://www.ovirt.org/community/about/community-guidelines/ >List Archives: >https://lists.ovirt.org/archives/list/users@ovirt.org/message/WKLB3IAN7FJUHZOPMUGK57Y3YUJ6NM5Q/ Hi Thomas, I don't think that this type of setup is not supported. Have you tried the opposite way -> add a new host to oVirt, then try to put docker on it and add the docker0 somehow in oVirt as a VM network (no matter you won't use it as such)? About the KVM and Nvidia drivers - RedHat and Nvidia got a partnership and thus by default you are not able to set "" on the VM. As the Nvidia drivers check 'if we are a VM or not' , they either allow using the hardware or not.Of course enterprise hardware's (sold with that option in mind) drivers don't care if we are in VM or not. If you manage to put the hidden flag on a VM , the story will change a little bit for you. Best Regards, Strahil Nikolov ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/IOUVFGEXVBK3JHK444VTWKT4Q6JBWWJF/
[ovirt-users] oVirt thrashes Docker network during installation
I want to run containers and VMs side by side and not necessarily nested. The main reason for that is GPUs, Voltas mostly, used for CUDA machine learning not for VDI, which is what most of the VM orchestrators like oVirt or vSphere seem to focus on. And CUDA drivers are notorious for refusing to work under KVM unless you pay $esla. oVirt is more of a side show in my environment, used to run some smaller functional VMs alongside bigger containers, but also in order to consolidate and re-distribute the local compute node storage as a Gluster storage pool: Kibbutz storage and compute, if you want, very much how I understand the HCI philosophy behind oVirt. The full integration of containers and VMs is still very much on the roadmap I believe, but I was surprised to see that even co-existence seems to be a problem currently. So I set-up a 3-node HCI on CentOS7 (GPU-less and older) hosts and then added additional (beefier GPGPU) CentOS7 hosts, that have been running CUDA workloads on the latest Docker-CE v19 something. The installation works fine, I can migrate VMs to these extra hosts etc., but to my dismay Docker containers on these hosts lose access to the local network, that is the entire subnet the host is in. For some strange reason I can still ping Internet hosts, perhaps even everything behind the host's gateway, but local connections are blocked. It would seem that the ovritmgmt network that the oVirt installation puts in breaks the docker0 bridge that Docker put there first. I'd consider that a bug, but I'd like to gather some feedback first, if anyone else has run into this problem. I've repeated this several times in completely distinct environments with the same results: Simply add a host with a working Docker-CE as an oVirt host to an existing DC/cluster and then try if you can still ping anyone on that net, including the Docker host from a busybox container afterwards (should try that ping just before you actually add it). No, I didn't try this with podman yet, because that's separate challenge with CUDA: Would love to know if that is part of QA for oVirt already. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/WKLB3IAN7FJUHZOPMUGK57Y3YUJ6NM5Q/
[ovirt-users] Re: multiple subnets on hosts for vm's
I'd basically like to second the "request" or question: I started on an /28 allocation, because that was the only available at the time. In the mean-time I managed to get hold of a full class C net, which I'd like to use for the VMs on a 3-node HCI with a couple of extra compute and gluster storage nodes added in the course of its life, without having to rebuild from scratch. I'd be happy to just add the extra range on the hosts in parallel or I'd do a move, but somehow I'm afraid that IPs or/or DNS names are baked into configuration files if now downright database tables, to make such a thing easy or possible. I tried just adding the extra subnet on /etc/sysconfig/network-scripts/ifcfg-ovirtmgmt and that works for a while, but it seems that VDSM is regularly overwriting that from data stored in /var/lib/vdsm/persistence/netconf/nets and that syntax there may not support the sort of syntax that the ifcfg scripts have for additional IP subnets (PREFIX instead of NETMASK, IPADDR[n]) etc. I can't really go into VLANs, because servers in that environment are access mode exclusively. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/DVPCKMRNEIFC7TVZDW6YKY6K2MUGLJEI/
[ovirt-users] unsubscribe me please
EOM -- Raz Tamir ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/76PBV43ZIPPAESOGVZ5TXBA2NJ4ZRG3Q/
