Network Interface Management
Provide tools to easily set up commonly used network configurations, like bridges, bonds, vlan's and sensible combinations thereof, in particular for virtualized hosts.
- Name: DavidLutterkort
- email: firstname.lastname@example.org
- Targeted release: Fedora 12
- Last updated: 2009-07-16
- Percentage of completion: 90%
- Finalize libvirt implementation (pending review and the next libvirt release)
- netcf library design
- Initial discussion on libvir-list on the XML format, API and implementation options.
- netcf library and ncftool command line tool
- Design of the libvirt API and virsh commands
Configuring the network interfaces on a machine for moderately complicated yet common scenarios is generally only accessible to advanced users, and very poorly supported by existing tools. Such scenarios include creating a bridge and enslaving a physical NIC to it, or bonding two NIC's, adding a VLAN interface to the bond and enslaving that to a bridge.
Complicated bridge setups are commonly needed on virtualized hosts, and often have to be performed remotely by higher-level management tools, rather than a human user.
This feature addresses these needs by providing a general-purpose network configuration library (netcf) and additions to the libvirt API to expose netcf's local API through libvirt's remoting facilities.
netcf, a logical network interface (e.g. a bridge and its
slaves) is described as a unit, and
netcf takes care of
translating that description into the appropriate
files. To guarantee the happy coexistence of
netcf with other
network configuration utilities, including
netcf is bidirectional: it modifies
based on a
netcf interface description, but also reads
ifcfg-* files to generate such a description. It is therefore
possible to use
netcf side-by-side with any other method of
changing network configuration, and many of the pitfalls of earlier
attempts to do this, e.g., the Xen networking scripts, are avoided.
It is planned to switch NetworkManager to
netcf as the backend
for system-wide network configuration in a future release; while it's not part of this feature,
it will further unify the user experience around network configuration. In
the same vein, it is planned to expose network configuration functionality
in a future release of virt-manager
Benefit to Fedora
Configuring network interfaces, especially for virtualization, is
considerably simplified; for example, the very common setup described in
the libvirt documentation now boils down to running a couple of
netcf commands or
Complex setups, like bonding physical NIC's and enslaving a VLAN of that bond in a bridge, which are so far considered expert uses, can now be easily performed by non-experts.
Remote management of network configuration is now possible out-of-the-box.
As described above, most of the feature is complete; still missing is some of the plumbing in
libvirt to expose
netcf through its
API. That work is slated to land in the next libvirt release, planned in
time for the Fedora 12 Feature Freeze.
How To Test
- Use a machine with at least one Ethernet NIC
- Install the
- Create a file describing an interface, for example
cat > /tmp/bridge.xml <<EOF <interface type="bridge" name="br0"> <start mode="onboot"/> <mtu size="1500"/> <protocol family="ipv4"> <dhcp/> </protocol> <bridge stp="off" delay="0.01"> <interface type="ethernet" name="eth0"> <mac address="ab:bb:cc:dd:ee:ff"/> </interface> <interface type="ethernet" name="eth1"/> </bridge> </interface> EOF
- Start ncftool
ncftool> ifdown eth0 # Only needed if it is up ncftool> ifdown br0 # Only needed if it is up ncftool> define /tmp/bridge.xml ncftool> ifup br0 ncftool> exit
- Inspect the
ifcfg-*files and check network status with
/etc/sysconfig/network-scripts/ifcfg-br0and change, e.g.,
- Start ncftool and issue the command
dumpxml br0and notice how the changed
DELAYis reflected in the XML representation
Examples of more complex setups can be found in the netcf git repo
See the previous two sections
Changes are confined to
libvirt API work can not be finished in time for Fedora
12, users will have to use
netcf directly, and lose the
ability to remotely configure networking.
- initial proposal and design discussion
- netcf public API
- netcf XML schema
virInterface*functions in the libvirt API
Fedora 12 adds the ability to easily create complex network configurations,
either directly through the new
netcf library or through