KVM Network Bridge on Ubuntu for a Server VM

I warned you I would go recursive in my project to do some development. Well, here’s the first proof of that: I managed to get a virtual machine working on Ubuntu server using a network bridge. Man, it was way more difficult to figure out than I thought, because there are so many articles on network bridges, but none really explain what their instructions do and why, so if your goal differs by the least bit, you’re likely to screw up. My goal was simple: I have a Ubuntu Server 10.04 LTS box and I want to run virtual machines on it, where the virtual machine presents itself to the outside world with its own IP address and can function as a server. I finally got it to work, but not without several misses.

The Goal: A Server VM

I want to be able to experiment with JBoss AS based applications, added and removing installations at will. But if I just create a set of installations next to each other, I’ll have to keep track of how many are running already, and change the configuration so they won’t try to steal each other’s ports. Since the network I work on is my home network, I thought it simplest to use Virtual Machines (as stand-ins for physical boxes) and simply dish out IP addresses.  I’ll create a clean Ubuntu based server with just Java and JBoss, and then clone as many as I want.

Setting up Ubuntu Server as a VM Host is pretty easy and well documented, but the default behavior for the networking side is to use a virtual network, which is connected to the real world, but hidden. So the server will receive an address (there is even a virtual DHCP server on the virtual network), but you cannot reach it from outside the host. What you need to do is create a network bridge, that much becomes clear quite soon, but nobody really explains it well. Starting to Google on network bridges quickly turns up lots of pages, but most are about other things you can do with them. Practically all articles gloss over some detail or other, because they assume you know why you want to create a bridge. I didn’t.

Why do I need a Bridge?

Network bridges are pretty simple things basically; they allow you to bridge data from one network interface to another. This does not sound at all like what I want to do; I want my Guest to share the network card with the Host. What I should have thought of, is that I am trying to connect several devices to my network using only a single connection. If all those devices had been physical, I would go out and buy a network hub, plug all devices in that and connect the up-link port to that one port I have available. Linux can do that for me.

In fact I can put a number of network cards in a single PC and then let that PC be the hub. Now it starts making sense. I create a bridge in my networking configuration, which will be the controller that will do all the actual moving around of the network data. For a VM Host, I’m plugging in virtual interfaces, so that single physical network card will do just fine as my up-link. Now comes the twist: since my physical network card belongs to a bridge, it should not have an IP address on it! Think back to that hub: does it have an IP address? Having the interface be part of a bridge -and thus transparent to the network- while at the same time actively intercepting network traffic for local consumption is not a healthy design. This simple point wasn’t really made by practically any of the pages I found. So the thing will keep causing errors until you remove the rules giving the interface a fixed IP address or cause it to query the DHCP server. Instead you have to tell the bridge that it, as a device, needs to have a presence on the network. Your Host machine will then use the bridge as the interface for its network connectivity. I still think that last step is not entirely sound, but nevertheless it works.

The actual Configuration

Ok, here we go. First read the official documentation on bridging, and make sure you have the installation requirements done. Next you need to edit the interface configuration, which is in /etc/network/interfaces. (for Ubuntu Server 12 use /etc/networking/interfaces) If, like me, your box has a fixed IP address, most likely you will have something that looks like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
  address 192.168.0.32
  netmask 255.255.255.0
  gateway 192.168.0.1

This tells the networking system we have two interfaces: a loopback interface and a ‘real’ ethernet interface. What we need to do is change the mode of the “eth0” interface to “manual“, telling the system not to bother with IP addresses just yet. Next, add a bridge device which is connected to “eth0“, and give that bridge your original IP address.

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet manual

# The bridge interface
auto br0
iface br0 inet static
  bridge_ports eth0
  bridge_stp off
  bridge_fd 0
  bridge_maxwait 0
  address 192.168.0.32
  netmask 255.255.255.0
  gateway 192.168.0.1

Now all you need to do is restart the networking subsystem with “sudo /etc/init.d/networking restart” and check if all is still working. Oh yeah… Don’t do this when you’re logged on remotely, because the network connection will be dropped, and if anything went wrong, you’ll no longer be able to connect to your server.

Finally

If all went well, your box will be back as before. All applications that explicitly connect to an interface will need to be restarted, but on my system that was only sshd and Ubuntu took care of it automagically. When you create a new VM using virt-manager, you can select the bridged “eth0” device as the network device to use. If you check on the Host with “ifconfig -a“, you’ll notice a “vnet0” interface is added when the Guest is running. A fake ethernet address will have been generated for it and your VM is “plugged in” into the bridge. I created s simple VM, just 512MB of RAM, a single processor, and an 8GB disk, gave it the Ubuntu Server 12.04 LTS installation ISO and it worked like a charm. After the first reboot edit the networking interface file (it gets DHCP by default) to fix the IP address, and you’re ready to start work!

Advertisements
This entry was posted in Hands-on and tagged , , , , , . Bookmark the permalink.

One Response to KVM Network Bridge on Ubuntu for a Server VM

  1. Brandon says:

    Bert,
    Awesome stuff. Honestly, never thought about doing something like this, but it does make sense for small, lightweight application servers that need to all connect to the network at the same time, without having port conflicts. Saves money too:) Thanks for sharing.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s