Managing Virtual Machines with Red Hat OpenShift Virtualization

Bookmark this page
P123456789
PreviousNext

Lab: Connecting Virtual Machines to External Networks

Configure node networking to connect a VM to an additional network, and then connect the VM to an external web server on the additional network.

Outcomes

  • Create a node network configuration policy that configures a Linux bridge where DHCP is enabled on an identified node interface.

  • Create a network attachment definition for the Linux bridge.

  • Attach a secondary interface with a custom MAC address on a virtual machine.

  • Verify communication between the VM and resources on the additional network.

As the student user on the workstation machine, use the lab command to prepare your environment for this exercise, and to ensure that all required resources are available.

[student@workstation ~]$ lab start multihomed-review

Instructions

The dev-external VM in the multihomed-review project requires access to an Apache HTTP instance on server.srv.example.com. That Apache server accepts requests only from a specific IP on the external network within the 192.168.51.0/24 IP range. A DHCP server on the external network provides the required static IP to the 00:00:00:00:00:02 MAC address.

The VM needs an additional network interface that is connected to the external network with the right IP to communicate with the Apache HTTP server.

As the admin user, label the nodes worker01 and worker02 with the external-network=true label. Configure a Linux bridge named br0 on the worker01 and worker02 nodes, and then create a network attachment definition named br0-network in the multihomed-review project.

For creating those resources from the command line, you can find partial resource YAML files in the ~/DO316/labs/multihomed-review/ path.

Before attaching the second network interface, connect to server.srv.example.com on the dev-external VM and confirm that a warning is displayed about permissions to the Apache instance. Attach an additional network interface to the VM that uses the br0-network network attachment definition, and specify 00:00:00:00:00:02 as the MAC address for the interface.

Finally, test connectivity to server.srv.example.com from the VM. Confirm that the response is a Hello, World! message.

  1. As the OpenShift admin user, label the nodes worker01 and worker02 with the external-network=true label.

    1. Open a web browser and navigate to https://console-openshift-console.apps.ocp4.example.com

    2. Click htpasswd_provider and log in as the admin user with redhatocp as the password.

    3. Navigate to ComputeNodes, click the vertical ellipsis icon next to worker01, and then click Edit labels.

    4. Type external-network=true in the field and click Save.

    5. Repeat this step with the worker02 node.

    6. On the ComputeNodes page, select Label from the drop-down menu, type external in the Search by label field, and select the external-network=true label.

    7. Verify that the node list contains only the worker01 and worker02 nodes.

  2. Create a Linux bridge network on the worker01 and worker02 nodes with the following requirements:

    ParameterValue
    Namebr0-ens4-policy
    Interface namebr0
    Interface typeBridge
    IPv4Enabled
    DHCPEnabled
    Bridge portens4
    Node Selector external-network=true

    1. Navigate to NetworkingNodeNetworkConfigurationPolicy and click Create NodeNetworkConfigurationPolicy.

    2. Complete the Create NodeNetworkConfigurationPolicy form with the provided specifications.

    3. Select the node selector checkbox to open the node selector.

    4. Click Add Label, and type external-network as the key and true as the value.

    5. Click Save and then click Create to create the node network configuration policy.

    6. Confirm that the policy is successfully configured on the nodes by verifying its status on the NetworkingNodeNetworkConfigurationPolicy page. Wait until the node network state is 2 Available.

  3. Create a network attachment definition in the multihomed-review project with the following requirements:

    ParameterValue
    Namebr0-network
    Namespacemultihomed-review
    Network TypeCNV Linux bridge
    Bridge Namebr0

    1. Navigate to NetworkingNetworkAttachmentDefinitions.

    2. Select the multihomed-review project from the Project list and then click Create network attachment definition.

    3. Complete the Create Network Attachment Definition form by using the provided specifications.

    4. Click Create to create the network attachment definition.

  4. From the console of the dev-external VM, use the curl command to connect to server.srv.example.com, and then confirm that you do not have permission to access the site.

    Note

    The server.srv.example.com fully qualified domain name also resolves with the server hostname for resources in the 192.168.51.0/24 network.

    1. Navigate to VirtualizationVirtualMachines. Select the multihomed-review project from the Projects list.

    2. Click the dev-external VM and select the Console tab to open the VM's console.

    3. Click Guest login credentials to display the credentials of the VM, and then use those credentials to log in to the VM.

    4. Test the connectivity to the Apache HTTP instance on server.srv.example.com with the curl server command. Confirm that you receive a warning that you do not have permission to access the resource.

      [developer@dev-external ~]$ curl server
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access this resource.</p>
</body></html>

  5. Attach a secondary network interface to the dev-external VM with the following information:

    ParameterValue
    NameLeave the default name
    Modelvirtio
    Networkbr0-network
    TypeBridge
    MAC Address00:00:00:00:00:02

    The custom MAC address, 00:00:00:00:00:02, is required for the VM to receive the 192.168.51.20/24 static IP address from the DHCP server in the Linux bridge network.

    1. On the dev-external VM page, click the Configuration tab and then click Network Interfaces to display the network interfaces that are connected to the VM.

    2. Click Add Network Interface to create an interface on the VM. Modify the parameters to match the specifications from the table. Click Add to attach the interface.

    3. Restart the VM to apply the pending changes. Click ActionsRestart, and then click Restart to confirm the action.

    4. Wait until the VM is in the running state.

  6. From the console of the dev-external VM, use the curl command to connect to server.srv.example.com, and confirm that you receive a Hello, World! response.

    1. Click the Console tab to access the VM's console. Click Guest login credentials to display the credentials of the VM and then use those credentials to log in to the VM.

    2. Connect to the Apache HTTP instance on server.srv.example.com with the curl server command. Confirm that you receive a Hello, World! response.

      [developer@dev-external ~]$ curl server
Hello, World!

Evaluation

As the student user on the workstation machine, use the lab command to grade your work. Correct any reported failures and rerun the command until successful.

[student@workstation ~]$ lab grade multihomed-review

Finish

As the student user on the workstation machine, use the lab command to complete this exercise. This step is important to ensure that resources from previous exercises do not impact upcoming exercises.

[student@workstation ~]$ lab finish multihomed-review

PreviousNext
Revision: do316-4.14-d8a6b80