Open vSwitch is a free and open source multi-layer software switch, which is used to manage the traffic between virtual machines and physical or logical networks. It provides the features like traffic isolation in OpenStack tenants using the overlay techniques likes GRE, VXLAN and 802.1Q VLANs.
Using open vSwitch packet forwarding engine in kernel space or user space can be implemented and Link aggregation can also be accomplished through LACP.
In this article we will discuss how to install latest version of Open vSwitch 2.9.2 on CentOS 7 and RHEL 7 Server. Apart from this we will see how open vSwitch can be used in KVM virtual machines for their networking.
Read More On : How to Install and Configure KVM on Ubuntu 18.04 LTS Server
I am assuming you have already have either CentOS 7 or RHEL 7 server configured with KVM. Open vswitch (OVS) 2.0 is available in the CentOS 7 & RHEL 7 default yum repositories, but if you install latest version of open vSwitch refer the below steps.
Step 1) Install the required packages using yum command
Login to your CentOS 7 or RHEL 7 server and run the beneath yum command,
[root@compute02 ~]# yum install wget openssl-devel python-sphinx gcc make python-devel openssl-devel kernel-devel graphviz kernel-debug-devel autoconf automake rpm-build redhat-rpm-config libtool python-twisted-core python-zope-interface PyQt4 desktop-file-utils libcap-ng-devel groff checkpolicy selinux-policy-devel -y
Step 2) Create ovs user and download Open vSwitch 2.9
Create a user with name ovs using below command
[root@compute02 ~]# useradd ovs [root@compute02 ~]# su - ovs [ovs@compute02 ~]$
Download OVS 2.9 tar file and build the openvswitch rpm using beneath commands,
ovs@compute02 ~]$ mkdir -p ~/rpmbuild/SOURCES [ovs@compute02 ~]$ wget http://openvswitch.org/releases/openvswitch-2.9.2.tar.gz [ovs@compute02 ~]$ cp openvswitch-2.9.2.tar.gz ~/rpmbuild/SOURCES/ [ovs@compute02 ~]$ tar xfz openvswitch-2.9.2.tar.gz [ovs@compute02 ~]$ rpmbuild -bb --nocheck openvswitch-2.9.2/rhel/openvswitch-fedora.spec [ovs@compute02 ~]$ exit logout [root@compute02 ~]#
Now install Open vSwitch rpm using below yum command,
[root@compute02 ~]# yum localinstall /home/ovs/rpmbuild/RPMS/x86_64/openvswitch-2.9.2-1.el7.x86_64.rpm -y
Step 3) Start and enable Open vSwitch Service
Use below systemctl commands to start and enable open vSwitch service
[root@compute02 ~]# systemctl start openvswitch.service [root@compute02 ~]# systemctl enable openvswitch.service Created symlink from /etc/systemd/system/multi-user.target.wants/openvswitch.service to /usr/lib/systemd/system/openvswitch.service. [root@compute02 ~]# systemctl status openvswitch.service ● openvswitch.service - Open vSwitch Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; enabled; vendor preset: disabled) Active: active (exited) since Sun 2018-08-05 10:16:12 EDT; 17s ago Main PID: 73958 (code=exited, status=0/SUCCESS) Aug 05 10:16:12 compute02 systemd[1]: Starting Open vSwitch... Aug 05 10:16:12 compute02 systemd[1]: Started Open vSwitch. [root@compute02 ~]#
Use below command to check the OVS version
[root@compute02 ~]# ovs-vsctl -V ovs-vsctl (Open vSwitch) 2.9.2 DB Schema 7.15.1 [root@compute02 ~]#
Step:4 Create the OVS bridge and add interfaces to it.
Use the below command to create ovs bridge,
[root@compute02 ~]# ovs-vsctl add-br ovs-br0
Now flush or remove IP from the interface, in my case IP as was assigned to eno16777736
[root@compute02 ~]# ip addr flush dev eno16777736
Now assign this IP address to ovs bridge(ovs-br0)
[root@compute02 ~]# ip addr add 192.168.1.4/24 dev ovs-br0
Add interface as port in ovs-br0 using below command,
[root@compute02 ~]# ovs-vsctl add-port ovs-br0 eno16777736
Now bring up the bridge using below ‘ip link’ command,
[root@compute02 ~]# ip link set dev ovs-br0 up
Note : Above changes are not persistent, so make these changes persistent across the reboot, we have to create ovs bridge file, steps are shown below
[root@compute02 ~]# cd /etc/sysconfig/network-scripts/ [root@compute02 network-scripts]# cp ifcfg-eno16777736 ifcfg-ovs-br0 [root@compute02 network-scripts]# [root@compute02 network-scripts]# vi ifcfg-eno16777736 DEVICE=eno16777736 HWADDR="00:0c:29:c1:c3:4e" TYPE=OVSPort DEVICETYPE=ovs OVS_BRIDGE=ovs-br0 ONBOOT=yes
Save and exit the file
[root@compute02 network-scripts]# vi ifcfg-ovs-br0 DEVICE=ovs-br0 DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=static IPADDR=192.168.1.4 NETMASK=255.255.255.0 GATEWAY=192.168.1.1 ONBOOT=yes
Save & exit the file
Restart the network service using below command,
[root@compute02 network-scripts]# systemctl restart network
Now Verify ovs bridge and its ports using “ovs-vsctl” command
[root@compute02 ~]# ovs-vsctl show 8dc5f8e7-0e54-4d9d-ba7a-cd6b9b94f470 Bridge "ovs-br0" Port "ovs-br0" Interface "ovs-br0" type: internal Port "eno16777736" Interface "eno16777736" ovs_version: "2.9.2" [root@compute02 ~]#
Step:5 ) Create and define virsh ovs network
Create ovs network file with the following contents ,
[root@compute02 ~]# vi /tmp/ovs-network.xml <network> <name>ovs-network</name> <forward mode='bridge'/> <bridge name='ovs-br0'/> <virtualport type='openvswitch'/> </network>
Now define the ovs-network using below virsh command,
[root@compute02 ~]# virsh net-define /tmp/ovs-network.xml Network ovs-network defined from /tmp/ovs-network.xml [root@compute02 ~]# virsh net-start ovs-network Network ovs-network started [root@compute02 ~]# virsh net-autostart ovs-network Network ovs-network marked as autostarted [root@compute02 ~]#
Now verify the virsh network using beneath command,
[root@compute02 ~]# virsh net-list Name State Autostart Persistent ---------------------------------------------------------- default active yes yes ovs-network active yes yes [root@compute02 ~]#
Step:6) Create Virtual machines and attach ovs-network
Let’s create two test VMs using below virt-install command, specify the network for these VMs as ovs-network,
[root@compute02 ~]# virt-install -n testvm1 --description "Test VM1 for OVS " --os-type=Linux --os-variant=rhel7 --ram=1096 --vcpus=1 --disk path=/var/lib/libvirt/images/testvm1.img,bus=virtio,size=10 --network network:ovs-network --graphics none --location /root/CentOS-7-x86_64-DVD-1511.iso --extra-args console=ttyS0
Similarly Create a second test vm with name “testvm2”
[root@compute02 ~]# virt-install -n testvm2 --description "Test VM2 for OVS " --os-type=Linux --os-variant=rhel7 --ram=1096 --vcpus=1 --disk path=/var/lib/libvirt/images/testvm2.img,bus=virtio,size=10 --network network:ovs-network --graphics none --location /root/CentOS-7-x86_64-DVD-1511.iso --extra-args console=ttyS0
Once the VMs are created then their interfaces should be added in ovs bridge (ov-br0) automatically and we can verify this from ovs-vsctl command,
[root@compute02 ~]# ovs-vsctl show 8dc5f8e7-0e54-4d9d-ba7a-cd6b9b94f470 Bridge "ovs-br0" Port "ovs-br0" Interface "ovs-br0" type: internal Port "eno16777736" Interface "eno16777736" Port "vnet0" Interface "vnet0" Port "vnet1" Interface "vnet1" ovs_version: "2.9.2" [root@compute02 ~]# ovs-vsctl list-ports ovs-br0 eno16777736 vnet0 vnet1 [root@compute02 ~]#
In the above command vnet0 & vnet1 are VMs tap interface. When we shutdown these VMS then these ports will be removed from OVS Bridge (ovs-br0) automatically. Log files for ovs (openvswitch) are kept under the folder “/var/log/openvswitch“.
This conclude this article, I hope you got an idea how to install and use Open vSwitch 2.9 with KVM on CentOS 7 and RHEL 7 Servers. If you like article, please do share your feedback and comments.
Excellent post!! Really enjoyed it. One question how can we add are wifi port to the bridge.
You can add wifi interface to the ovs bridge using below command,
$ ovs-vsctl add-port {bridge-name} {wireless-adapter }
e.g : ovs-vsctl add-port ovs-br0 wlan0
Remove the IP from Wireless Adapter and assign the same IP to bridge
Superb article
Real good, easy steps. What would the steps be if you wanted to take an existing KVM setup with bridges in place and convert it over to OVS?
I would like to know this as well
Is the persistent network configs on the ovs for network-manager and not for networkd?
This was one the best article I have seen for OVS
Great Article, Very well explained!!
Keep up good work.
how to change password for ovs root
Great job! Thank you for writing this.
Nit: maybe add “python-six ” to initial yum install commad:
$ rpmbuild -bb –nocheck openvswitch-2.9.2/rhel/openvswitch-fedora.spec
error: Failed build dependencies:
python-six is needed by openvswitch-2.9.2-1.el7
sudo yum install -y python-six
This is not working on CentOS 8. When Do you think openvswitch with CentOS 8 is supported?
In CentOS 8, we have OVN (Open Virtual Network) in place of openvswitch. OVN is a part for OVS project.
Great article, thank you! This guide was very helpful for me. Appreciated you taking the time to write it up.
NOTE: If you are installing OpenvSwitch in CentOS 7.9 you may run into this conntrack bug: ‘https://bugzilla.redhat.com/show_bug.cgi?id=1890095’
The messages you may see during build from source if you hit this bug are:
In file included from lib/netlink-conntrack.c:27:0:
/usr/include/linux/netfilter/nf_conntrack_sctp.h:25:2: error: unknown type name ‘u8’
u8 last_dir;
^
/usr/include/linux/netfilter/nf_conntrack_sctp.h:26:2: error: unknown type name ‘u8′
u8 flags;
^
make[2]: *** [lib/netlink-conntrack.lo] Error 1
make[2]: Leaving directory `/opt/olxc/home/ubuntu/Downloads/orabuntu-lxc-master/uekulele/openvswitch/rpmbuild/BUILD/openvswitch-2.9.2′
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/opt/olxc/home/ubuntu/Downloads/orabuntu-lxc-master/uekulele/openvswitch/rpmbuild/BUILD/openvswitch-2.9.2’
make: *** [all] Error 2
error: Bad exit status from /var/tmp/rpm-tmp.nz3AXB (%build)
RPM build errors:
Bad exit status from /var/tmp/rpm-tmp.nz3AXB (%build)
[ubuntu@c7sv1 openvswitch]$ clear
Fortunately the conntrack issue is fixed in OpenvSwitch 2.12.1 and so he workaround is to install OpenvSwitch 2.12.1 instead of 2.9.2
see also: ‘https://access.redhat.com/errata/RHBA-2020:5307’
With those advisories in mind, the changes to accomplish the OpenvSwitch install on CentOS 7.9 are minimal as shown below:
As mentioned by Flaviof in a previous comment, python-six is needed:
sudo yum -y install python-six
For OpenvSwitch 2.12.1 three additional packages are needed if not already installed:
sudo yum -y install gcc-c++ unbound unbound-devel
With those changes, RPM package build was successful for me on:
[ubuntu@c7sv1 openvswitch]$ cat /etc/centos-release
CentOS Linux release 7.9.2009 (Core)
[ubuntu@c7sv1 openvswitch]$ uname -a
Linux c7sv1 3.10.0-1160.6.1.el7.x86_64 #1 SMP Tue Nov 17 13:59:11 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
[ubuntu@c7sv1 openvswitch]$
Using the build command as follows (I use an alternate topdir, which is optional)
rpmbuild –define “_topdir /opt/olxc/”$DistDir”/uekulele/openvswitch/rpmbuild” -ba –without check ./openvswitch-2.12.1/rhel/openvswitch-fedora.spec