Tuesday, April 3, 2012

Virtual Distributed Network init script / service script

Hi, all:

I was recently playing with Virtual Machines under Linux KVM on different servers. I needed all VMs to see each other as if they were on the same subnet, sort of like VMware vSwitch (or so I've heard, I haven't actually used it). I came across a piece of software called Virtual Distributed Ethernet or VDE, from the good folks at VirtualSquare. VDE was the answer to my needs.

VDE is exactly what it says it is: a virtual distributed ethernet. That means you can do things such as define network switches (I have only used layer 2, but I have read they also have layer 3), make connections between them and connect machines (both physical and virtual) to them.

The creation of a switch is pretty straightforward. Basically, you just need to run vde_switch and you are ready to go. However, in order to make things a little cleaner, the way I am doing it is something like:

vde_switch -s /var/run/sw1.sw -t tap0 -d -f /etc/vde2/conf.d/sw1.conf

Here's a description of each argument:

-s /var/run/sw1.sw : This sets /var/run/sw1.sw as the directory where vde_switch will keep its files and sockets in order to simulate the ethernet connections. You can choose whichever you prefer.

-t tap0 : this is a TAP interface I have previously created on my server. By adding this argument, my tap0 interface (or any interface bridged to tap0) gets connected to the switch, so all I would need to talk to any other box on the virtual distributed ethernet would be to configure an IP for the interface, which you can easily do by running

ifconfig tap0 <IP address> netmask <netmask> up

replacing the IP address and netmask as required for your network.

-d : This tells vde_switch to detach itself from the terminal and run in the background. By default, vde_switch runs in the foreground and, after starting, provides the user with a prompt to configure the switch (yes, VDE switches are fully manageable via the command line).

-f /etc/vde2/conf.d/sw1.conf : This tells the VDE switch to be configured according to the parameters specified in /etc/vde2/conf.d/sw1.conf. The syntax of this file is exactly the same as the one used in the command line prompt you obtain when running vde_switch without the -d flag. Refer to this page for a complete list of available configuration commands for the virtual switches. For my example, the contents are:

fstp/setfstp 1

Which basically means that spanning tree protocol is enabled for the virtual switch.

So after you have run that command, you'll have your tap0 interface connected to the virtual switch. The only problem is that if you reboot, your switch is history. Sure, you can add the line to /etc/rc.local or your non-Ubuntu equivalent init script, but it is a lot nicer and easier to manage if you set it up as a system service. So I wrote an init.d script for vde_switch based on Ubuntu's skeleton script. You might need to tweak it to work on other distros. You can get my version of the script here. The script makes a few assumptions:
  • VDE is installed (doh!): if not, do sudo aptitude install vde2 or whatever is equivalent for your distro.
  • There's a system account called vde2-net. You can override this default account by creating /etc/default/vde_switch and defining there the name of the account under the variable RUNASUSER. That would be, put the following line on the file:
  • There's a directory called /etc/vde2/vde2.d/ which contains files with .sw extension. These files define two variables required to start the switch. One of them is the TAP interface to which the VDE switch is going to be connected, and the other one is the full path to the VDE switch configuration file.
The script will start one VDE switch for each .sw file under /etc/vde2/vde2.d/. For my simple example, you can find the contents of the .sw file here.
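
A dry-run sketch of the per-file start logic described above, as an added example rather than the author's script (which is linked, not shown). The variable names TAPDEV and CONFFILE and the function names are assumptions. The .sw files are parsed rather than sourced, so a file dropped into /etc/vde2/vde2.d/ cannot run commands when the service starts as root:

```shell
#!/bin/sh
# Added example: dry run of "one vde_switch per .sw file". TAPDEV, CONFFILE and
# the function names are assumptions; the author's script is not shown here.
SW_DIR="${SW_DIR:-/etc/vde2/vde2.d}"
RUNASUSER="${RUNASUSER:-vde2-net}"

# Read KEY=value from a .sw file without sourcing it. Only path-safe
# characters are accepted, so "tap0; some-command" yields an empty value.
sw_get() {  # usage: sw_get KEY FILE
    sed -n "s|^$1=\"\{0,1\}\([A-Za-z0-9_./-]*\)\"\{0,1\}[[:space:]]*\$|\1|p" "$2" |
        tail -n 1
}

# Print the vde_switch command line for one .sw file; return 1 if it is invalid.
sw_cmdline() {  # usage: sw_cmdline FILE
    name=$(basename "$1" .sw)
    tap=$(sw_get TAPDEV "$1")
    conf=$(sw_get CONFFILE "$1")
    case "$name" in ''|*[!A-Za-z0-9_-]*) echo "$1: bad switch name" >&2; return 1 ;; esac
    case "$tap" in ''|*/*) echo "$1: bad or missing TAPDEV" >&2; return 1 ;; esac
    case "$conf" in /*) ;; *) echo "$1: CONFFILE must be a full path" >&2; return 1 ;; esac
    echo "vde_switch -s /var/run/$name.sw -t $tap -d -f $conf"
}

# Print "account: command" for every valid .sw file in SW_DIR.
sw_plan() {
    for f in "$SW_DIR"/*.sw; do
        [ -f "$f" ] || continue
        cmd=$(sw_cmdline "$f") || continue
        echo "$RUNASUSER: $cmd"
    done
}

sw_plan
```

For a file named sw1.sw that sets tap0 and /etc/vde2/conf.d/sw1.conf, the printed command is the same vde_switch line shown earlier in this post.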

Now vde_switch is a system service. In order to start it, you can do:

sudo service vde_switch start

You can check the process is running by executing

ps axu | grep vde_switch

I'll be posting about how to connect VDE switches running on different machines to make them look like they are on the same ether / subnet.
