| Proxmmox with OpenVZ and veth network configuration [message #44415] |
Tue, 06 December 2011 13:55  |
ProgMan
Messages: 1
Registered: December 2011
|
Junior Member |
|
|
Hi,
I have installed newest proxmox (1.9). I can create virtual machines using OpenVZ. I think this is OpenVZ issue. I installed ubuntu 10.04 template. As a first I configured network as "venet". All was ok. Ubuntu works. I could log in to main machine ( proxmox debian ) and individual virtual machines ( on ubuntus ) using "putty" from another computer. They worked correctly but it looks like this network model does not allow setup multiple containers which use the same ports. I noticed it while I wanted to setup apache on one Virtual Machine ubuntu1 ( port 80 ) and Ngingx (port 80) on another virtual machine ubuntu2. Conflict appeared...
To resolve this problem ( port conflicts ) I guessed that I should use "veth" model ( some information aboutnetwork models I found at: wiki.openvz.org/Differences_between_venet_and_veth )
I created machines, I have created bridges according to video at: pve.proxmox.com/wiki/Category:Video_Tutorials and I used created bridges during virtual machines creation.
My set up is 192.168.100.106 (proxmox debian), and 192.168.100.107 ( ubuntu1 ), 192.168.100.108 ( ubuntu2) using created bridges. As result while I want to log into individual ubuntu machines I am logged into main proxmox debian machine only (even if I put 192.168.100.107, 192.168.100.108 addresses to putty I am logged into main debian machine. It seems the packets are not forwarded to individual ubuntu virtual machines ). I was trying to use magic commands which I have found in internet ( especially on openVZ site ). Still the same problem appears. Can someone help me to resolve this problem and show step by step how to set up it step by step?
Cheers,
Piotr
|
|
|
|
| Re: Proxmmox with OpenVZ and veth network configuration [message #44471 is a reply to message #44415] |
Fri, 09 December 2011 12:46  |
Ales
Messages: 330
Registered: May 2009
|
Senior Member |
|
|
Quote:I configured network as "venet". All was ok. Ubuntu works. I could log in to main machine ( proxmox debian ) and individual virtual machines ( on ubuntus ) using "putty" from another computer. They worked correctly but it looks like this network model does not allow setup multiple containers which use the same ports.
Sure it does... I have numerous applications on same ports (on different IPs, of course) running venet networking. The cause of your port conflicts must be elsewhere.
I'd start troubleshooting from here, as venet is the recommended way to go - unless there is something specific about veth that you really need.
[Updated on: Fri, 09 December 2011 12:47] Report message to a moderator |
|
|
|
| Re: Proxmmox with OpenVZ and veth network configuration [message #44695 is a reply to message #44415] |
Thu, 22 December 2011 16:05 |
votsalo
Messages: 26
Registered: December 2011
Location: Greece
|
Junior Member |
|
|
I don't have the answer for you, but since I'm dealing and learning about similar networking issues, I'll tell you my experience.
I recently started using proxmox and openvz with ubuntu 10.04 containers, like you have, except that my HN has a static public IP address.
The first issue I had to resolve was how to setup the network so the containers could access the internet. With the installation of proxmox that my hosting provider gave me, the containers were isolated from the internet. I am no networking expert, so it took me about a day to get outbound connectivity by setting up NAT on the host node, using iptables:
#!/bin/sh
iptables -t nat --flush
INTERFACE=vmbr0
IP=x.x.x.x # The static IP of my HN
iptables -t nat -A POSTROUTING -o $INTERFACE -j SNAT --to $IP
iptables -t nat -A PREROUTING -i $INTERFACE -j DNAT --to $IP
iptables -t nat -L
I tried each interface from the ifconfig list in turn, until I found the one that worked (vmbr0).
My containers can now connect to the internet, and I can use apt-get install to install software (solved major problem #1).
I haven't tackled the inbound connections yet, but I suspect I will do something similar with iptables, e.g. reroute http connections to my "http" container, etc. I will not attempt to reroute http connections to two different containers, yet, but I have read that I can use an http reverse proxy to do this (the recommendation was for a package called pound). I don't know yet what I will do for things like ssh. I could setup different ports for each container, or simply ssh to HN, and from there ssh to each container, as I do now.
In your case, it seems that your HN is in a home network, and it may be possible to access each of your containers individually from any other machines in your network. However, since all containers are in a single machine, your network must know to send packets for all of your container IPs to the same wire (your HN node). If your network is a "hub" that sends all packages to all nodes, this would work. If it is a switch (more likely) that sends each packet to the wire it things it should go to, it might not work, or it might work sporadically.
If your HN is on wi-fi, it may work better, since there are no wires to choose from (I suspect wi-fi is closer to a hub than to a switch).
Since I am no networking expert, I've already reached the limits of my knowledge on the topic and I may have given inaccurate information. Perhaps someone else can step in and elucidate us both.
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
