[libvirt] [RFC Incomplete Patch] Libvirt + Openvswitch

Daniel P. Berrange berrange at redhat.com
Tue Jan 31 11:57:54 UTC 2012 

On Fri, Jan 27, 2012 at 02:58:58AM -0800, Dan Wendlandt wrote:
> Hello all,
> 
> I know of many people who want to spin up VMs using libvirt + kvm/qemu and
> attach those VMs to an openvswitch bridge (see: http://www.openvswitch.org).
>   However, the only way I know of to get this working is a kludge that uses
> to tap devices along with <interface type="ethernet"> while running
> ovs-vsctl outside of libvirt.  Even worse, doing this on RHEL/Fedora seems
> to require privilege tweaks (e.g., running qemu as root, not dropping
> capabilities), which may not be acceptable for production deployments
> (see:
> http://fedoraproject.org/wiki/How_to_debug_Virtualization_problems#Errors_using_.3Cinterface_type.3D.27ethernet.27.2F.3E).
> 
> So I would like to start taking steps toward better libvirt/openvswitch
> integration.  My initial step has the fairly limit goal of enabling
> kvm/qemu VM NICs to attach to an openvswitch bridge in much the same way VM
> NIC can already attached to the linux bridge.  For example, specifying:
> 
> <interface type="openvswitch">
> <source bridge="br0"/>
> <mac address="ca:fe:de;ad:be:ef"/>
> </interface>

IMHO we should not be introducing a new "type" for OpenVSwitch. Contrary
to common understanding, type='bridge' is not referring explicitly to
Linux software bridging. Rather it refers to the concept of bridging the
guest to the LAN at the network level, of which Linux software briding
is one possible impl. OpenVSwitch is another possible impl. Other hypervisors
have different impls too of course.

If OpenVSwitch is available in the kernel, is there really any reason
to *not* use it ?  ie, could we just have

    <interface type="bridge">
      <source bridge="br0"/>
      <mac address="ca:fe:de;ad:be:ef"/>
    </interface>

and if we see that 'br0' is using OpenVSwitch, then libvirt can know
to just do the right thing. That way every application that uses
libvirt today will automatically be able to take advantage of the
benefits OpenVSwitch brings without further work

> I also wanted to add a new child element of <interface> that can be used to
> specify some OVS specific configuration.  To start, I just want to expose a
> single 'interfaceid' value (this parameter is specific to openvswitch).
> Extending the previous example:
> 
> <interface type="openvswitch">
> <source bridge="br0"/>
> <mac address="ca:fe:de;ad:be:ef"/>
> <openvswitchport interfaceid="interface-xyz"/>
> </interface>

We already have a "<virtualport>" element under <interface> that
we use for setting 802.1Qb[gh] parameters. It seems to me that we
can use this existing syntax to cope with the openvswitch port
interfaceid perhaps ?

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list