Install and Configure Open vSwitch on CentOS RHEL Fedora

Overview

Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware’s vNetwork distributed vswitch or Cisco’s Nexus 1000V. Source http://openvswitch.org/

Install and Configure Open vSwitch on CentOS RHEL Fedora

Now there are many possible scenarios where Open Vswitch can fit in perfectly, I am using it to save physical switch ports, its not that it can completely replace my physical L2 switch but it can definitely save me huge number of ports. We use KVM for virtualization and have about 8 vlans so if I have to create virtual machines on the physical box and has to have the power to choose any of the vlan to assign to a machine, I require atleast 8 NIC cards connected back to my physical switch assigned to different vlans. With Open Vswitch I can use a single NIC card and connect it to a trunk port on my switch and handle the vlan tagging part using Open vSwitch installed on my physical machine.

Install the prerequisites

Disable Libvirt Network

Download the latest tarball and run configure, make, make install

Remove bridge module

Permanently blacklist brigde module, across server restarts.

Append the following to the file

Load Open vSwitch modules into the kernel

To have Open vSwitch modules automatically load up during restart or reboot

Create a new file under sysconfig/modules

Append the following to it

Change the permissions

Now we have to Initialize OVS database and server

Lets create a bridge which we would be adding to ovs

Append the following to the file

Add the bridge to ovs

Bring the bridge up

Next I will create a bond and add two physical interfaces present on my box. I could have used only one NIC which should have worked perfectly but I wish to run the bond in balance mode so in case one NIC dies the other can still forward the traffic. Also, as you can see I have added all the vlan IDs I wish to use with this bond.

Everything is set now, whenever a new virtual machine is created and started the virtual interface that gets created for the machine has to be tagged with the vlan ID. This is how it can be done. The very first machine will create vnet adapter number 0. We need to delete it and create it again with the vlan tag, in the example below I am taging it with vlan ID 1

Now the challenge is that everytime you create a new machine or restart an existing one, you have to tag the virtual(vnet) adapter with the vlan ID again. To avoid manual tagging virtual interfaces each time virtual machine restarts we will be creating fake bridges. Each fake bridge will be assigned vlan tag ID and instead of assigning vnet adapters to the virtual machines these fake bridges can be assigned.

ovs-vsctl add-br <fake bridge> <parent bridge> <VLAN-ID>

Make standard configuration file for each fake bridge

Append the following to it

Create another one

Append the following to it

As an example I am creating two fake bridges and assigning them vlan tag IDs, you would want to create 1 fake bridge per vlan so the next time you create a machine simply assign the fake bridge for the vlan you wish the machine to be part of. Next tag these fake bridges with the vlan id’s, I purposely created br4 for vlan number 4 and br10 for vlan 10, it will help me remember which bridge is for which vlan.

Bring these up

Now both fake bridges will come up automatically across server reboot but we would want Open vSwitch services to be up and running by then, for this we have to create an init script in order to start Open vSwitch before network interfaces are initialized. To accomplish it we must set openvswitchd starting priority to be S=9 one lower than the priority of network S=10. When Open vSwitch services starts it will read its database.

Create initialization script

Append the following to the file

Make sure Open vSwitch starts on server reboots.

ovs011 300x176 Install and Configure Open vSwitch on CentOS RHEL Fedora

Now whenever you create a new virtual machine just assign the bridge of choice.