Create multiple OVS bridges on a single interface without rebooting?

J

jort

New Member
Nov 24, 2016
19
0
1
26
i have followed https://pve.proxmox.com/wiki/Network_Configuration and am using the default config.

however i would like to create multiple OVS bridges on my eth0, without having to reboot my node.
is there a way to do this? as of now promox doesnt allow multiple bridges on the same eth meaning i need a network port per bridge.
 
Sounds like an xy problem to me, what is your actual goal?
 
wbumiller said:
Sounds like an xy problem to me, what is your actual goal?
Click to expand...

i want to allow my users to create multiple separate networks functioning as virtual switches. so they can build their own network with VM's functioning as servers within that network without interfering with each other while still having access to the internet

edit:

id like to able to have users create these as they need them, without having to reboot my cluster.
how do i go about that?
 
Last edited:
AFAIK, and do not quote me on this.
The only way for a Network change done via GUI to be taken into affect is to reboot the corresponding node.

I'm not sure i understand the issue correctly, but it sounds like you have x amount of clients you want to offer this option to.

I'd probably go like this about it:

  1. create a ovs-bridge (vmbr0) and assign all physical network devices in what ever configuration you wanna use em
  2. create a OVS-Bridge per customer (custumer 44 = vmbr44; customer 99 = vmbr99) etc
    1. just pre-create em all .. once ..
  3. have your custumers create a vNic on vmbr0 for www-access
  4. have your customers create their "guest internal network" vNics on their corresponding vmbr (e.g. vmbr37 for customer 37)
That way they are all isolated by ovs based bridges and have each their own vswitch.

some concerns:
- not sure how much of this you can manage via the gui/roles with regards to isolation (so that customer 76 can not access vmbr22).
- What the performance impact of potentially 10's of ovs based switches on the same system is like (the maximum i ever ran was 5 ovs Bridges for some 260G of connectivity on a single server).





Alternative:
2 ovs based Bridges:
  • one for www-access
  • two for virtual-switching
assign VLans for customers
(again not sure how much of this you can manage via gui/roles)
 
Q-wulf said:
- not sure how much of this you can manage via the gui/roles with regards to isolation (so that customer 76 can not access vmbr22).
Click to expand...
This is currently not possible but something we want to add in the future. (Our GUI is not really an end-user interface for a "provider vs customer" service situation, so if you want a more complex permission system the current way to go is to provide the customers with your own interface which calls out to the PVE API.)
 
wbumiller said:
This is currently not possible but something we want to add in the future. (Our GUI is not really an end-user interface for a "provider vs customer" service situation, so if you want a more complex permission system the current way to go is to provide the customers with your own interface which calls out to the PVE API.)
Click to expand...

this is what im currently working on, however im not too familiar with proxmox so i cant figure out how to create multiple bridges on a single network card.

im using the API to only return the bridges the user is supposed to have access to, my main issue is how do i configure a bridge in such a way that i can have alot of bridges without having to reboot, having a network card per bridge just isnt realistic because then i would need a 1000 cards.
say having 250 students each with 4 switches in their system to wire up their vm's, and i want them to be able to add and remove switches as they need, so i cannot afford to restart the node each time someone wants a bridge.
 
jort said:
and i want them to be able to add and remove switches as they need, so i cannot afford to restart the node each time someone wants a bridge.
Click to expand...


AFAIR you can do the following:
make changes to
Code: 
nano /etc/network/interfaces
then invoke them via
Code: 
/etc/init.d/networking restart

The Problem in my opinion becomes, that once you make changes on the proxmox gui, all changes that have not been done via the gui/api get reverted.





jort said:
say having 250 students each with 4 switches in their system to wire up their vm's, and i want them to be able to add and remove switches as they need, so i cannot afford to restart the node each time someone wants a bridge.
Click to expand...

This sounds like a networking lab.
Have you thought about visualizing proxmox inside of proxmox via nested kvm ?
https://pve.proxmox.com/wiki/Nested_Virtualization
  • Each physical Proxmox-Server in your Cluster gets assigned a openvswitch based Bridge to provide www-access.
  • Each virtual Proxmox Server (vProxmox) gets assigned a vNic on said Bridge for www-access
  • Then your students get control over a fully functioning Proxmox Server inside a VM and can create virtual openvswitches inside there. When they need another Bridge, they just need to restart their own VM hosting their vProxmox.


This should easily be manageable via the Proxmox-Gui and it should also be easily workable ..
Just don't expect these vProxmox Servers to host any production VM or CT :p
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back