Question


How can I configure a server network on a single network interface?

Answer


At least two separate networks must be assigned to a compute resource - Management and Appliance. If it is impossible to go with VLAN configuration to separate these networks, as an alternative, follow the instructions below, which can help you configure virtual Ethernet devices:

Step 1 of 2

Prepare your servers:

  1. Log in to your server via SSH.
  2. Install dependencies:

    #yum install wget bridge-utils net-tools arptables -y
    CODE
  3. Download the network configuration script:

    #wget https://raw.githubusercontent.com/OnApp/veth/main/veth.sh -O onapp-cfg-net.sh
    CODE
  4. Run the script:

    #bash onapp-cfg-net.sh
    CODE

    The script backs up the original interface configuration to /etc/sysconfig/network-scripts/ifcfg-<eth>.orig that allows reverting the changes.

    Additionally, you will be offered to configure the backup/provisioning network provided that compute resources and backup servers are attached to the same physical network/VLAN(L2).

    For example, if you have added 192.168.0.11/24 to a compute resource and 192.168.0.1/24 to a backup server when configuring, the onappBridge:1 alias will be created, and the IPs will be assigned to them.


  5. If you have configured the backup/provisioning network on the previous step, after successful deployment, connect to the compute resource/backup servers via SSH and run the configuration script with the following options:

    On compute resource
    # /onapp/onapp-hv-install/onapp-hv-config.sh -b <backup_ip_address>
    
    On backup server
    # /onapp/onapp-bk-install/onapp-bk-config.sh -b <backup_ip_address>
    CODE

    Replace <backup_ip_address>  with the backup IP you have specified in Step 4.

    In this case, you must have the same network scheme configured on both the compute resource and the backup server. 

  6. Restart the server and check if the network settings have been configured correctly:

    Just a few commands for a simple check:
    
    #ip -o link
    #ip -o addr
    #brctl show
    #ping -c1 <neighbor_backup_ip_address>
    
    You should see:
    Bridge - "onappBridge" and its members - "eth0" and "ethManagement" 
    Virtual Ethernet devices - "ethManagement" "ethAppliance"
    Backup IP on the alias interface "onappBridge:1"
    CR and BS should be able to ping each other over the provisioning/backup network
    CODE
  1. Remove the network configuration files created by the script:

    rm -f /etc/sysconfig/network-scripts/ifcfg-eth{Appliance,Management}
    rm -f /etc/sysconfig/network-scripts/ifcfg-onapp*
    rm -f /etc/cron.d/PrepareOnappNetwork
    CODE
  2. Restore the original configuration:

    # mv /etc/sysconfig/network-scripts/ifcfg-<eth>{.orig,}
    CODE

    Replace <eth> with the actual name of the physical interface, for example, eth0.


  3. Restart the server or run:

    # service network restart
    CODE

Scenario 1: I have got a separate network from the management one.

It is the default scenario when the default gateway of the appliance network is located in the same broadcast domain (layer 2) as the public (ethX) interface. No additional configurations are required for the compute resources. Create a new network, IP net, and IP ranges.


Scenario 2: I want to use an IP range of the management network to which the server public IP belongs for appliance purposes.

Create a network, IP net, and IP range excluding the server public IP from the range. No additional configurations are required for the compute resources.

Example

The network is 144.217.66.80/28; HostMin: 144.217.66.81; HostMax: 144.217.66.94; Hosts: 14

The public IP of the server is 144.217.66.81; the default gateway is 144.217.66.94

Then network configuration in Control Panel can be the following:

IP net: 144.217.66.80/28, gw: 144.217.66.94

IP range: 144.217.66.82-144.217.66.93, gw: 192.168.0.94


Scenario 3: soyoustart.com. I have a network (IP subnet) routed to the server's public IP address, which I want to use as an appliance network. 

Create an alias interface for onappBridge and add, for example, the HostMin IP of the subnet to this alias interface. The IP address will act as a default gateway for this network. 

Example

Public server: IP 144.217.66.129

App network: 51.222.175.92/30, HostMin: 51.222.175.93, HostMax: 51.222.175.94, Hosts: 2

# cat << EOF > /etc/sysconfig/network-scripts/ifcfg-onappBridge:2
DEVICE=onappBridge:2
ONBOOT=yes
NM_CONTROLLED=no
IPADDR=51.222.175.93
NETMASK=255.255.255.252
EOF
#ifup onappBridge:2
CODE

The alias with index one is reserved for the backup/provisioning network interface. Therefore, the network configuration in Control Panel can be the following:

IP net: 51.222.175.92/30, gw: 51.222.175.93

IP range: 51.222.175.94-51.222.175.94, gw: 51.222.175.93 


Step 2 of 2

If you plan to add the compute resource to one of the existing compute zones, go to your Control Panel and proceed with the following:

  1. Install a compute resource.
  2. Attach the compute resource to a compute zone.
  3. Create a new network and add IP nets and IP ranges. Based on the provided examples, it can be as follows:

    "network_address": "51.222.175.80","default_gateway": "51.222.175.81","network_mask": 28
    "start_address": "51.222.175.82","end_address": "51.222.175.94", "default_gateway": "51.222.175.81"
    CODE
  4. Add the network to one of the existing network zones or create a new one.
  5. Add a network join to the compute resource with the interface name that implies a virtual appliance interface created by the script (by default, ethAppliance).
  6. If you have configured the backup/provisioning network, set appropriate backup IP addresses for the compute resources and backup server.


We recommend building a new virtual server on this compute resource to check if everything works as expected.