//
you're reading...
Centos, KVM, Systems

KVM and OpenVSwitch on Centos 6.3 Minimal

These are my notes for installing KVM on Centos 6.3 minimal.

# Install Centos 6.3 minimal x86_64 on a server

## Disable selinux
sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/sysconfig/selinux

## Set the hostname
vi /etc/sysconfig/network
HOSTNAME=whatevername

## Install basic tools
yum -y install screen sudo wget mlocate ntpdate git links

## (Optional) Install EPEL
wget http://mirror.chpc.utah.edu/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
rpm -ivh epel-release-6-7.noarch.rpm

## Update the system
yum -y update

## Disable services not used
chkconfig fcoe off
chkconfig ip6tables off
chkconfig iscsi off
chkconfig iscsid off
chkconfig lldpad off
chkconfig netfs off
chkconfig rpcbind off
chkconfig rpcgssd off
chkconfig rpcidmapd off
chkconfig nfslock off

## Install virtualization groups
yum groupinstall Virtualization "Virtualization Client" "Virtualization Platform" "Virtualization Tools"

## Install additional stuff needed
yum install avahi gcc make libxml2-devel gnutls-devel device-mapper-devel python-devel libnl-devel dejavu-lgc-sans-fonts openssl-devel yajl-devel avahi-devel libssh2-devel libcurl-devel kernel-devel

## Remove ebtables
yum -y remove ebtables

## Get and install libvirt sources (needed for openvswitch support)
wget http://libvirt.org/sources/libvirt-0.10.1.tar.gz
tar zxvf libvirt-0.10.1.tar.gz
cd libvirt-0.10.1
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc
make; make install; ldconfig

### (Optional) Setup unsecured access to libvirtd
sed -i 's/#listen_tls = 0/listen_tls = 0/' /etc/libvirt/libvirtd.conf
sed -i 's/#auth_unix_rw = "none"/auth_unix_rw = "none"/' /etc/libvirt/libvirtd.conf

## Start libvirtd service
service messagebus start
service avahi-daemon start
service libvirtd start

## Set libvirtd to start on boots
chkconfig libvirtd on

## Disabled libvirt network
virsh net-destroy default
virsh net-undefine default

## Get and install openvswitch
wget http://openvswitch.org/releases/openvswitch-1.7.1.tar.gz
tar zxvf openvswitch-1.7.1.tar.gz
cd openvswitch-1.7.1
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-linux=/lib/modules/`uname -r`/build

#### There seems to be an issue with skbuff.h, so here's what I do to get around it, not 100% is this is right or what impact it might have, so use at your own risk
sed -i 's/#if LINUX_VERSION_CODE < KERNEL_VERSION(3,2,0)/#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,32)/' datapath/linux/compat/include/linux/skbuff.h

## Build and install openvswitch
make; make install; ldconfig

## Build and install the kernel modules&lt;code&gt;
make -C /usr/src/kernels/`uname -r` modules_install M=~/openvswitch-1.7.1/datapath/linux

## Copy over sysconfig files
cp rhel/etc_init.d_openvswitch /etc/init.d/openvswitch
cp rhel/etc_logrotate.d_openvswitch /etc/logrotate.d/openvswitch
cp rhel/etc_sysconfig_network-scripts_ifup-ovs /etc/sysconfig/network-scripts/ifup-ovs
cp rhel/etc_sysconfig_network-scripts_ifdown-ovs /etc/sysconfig/network-scripts/ifdown-ovs
cp rhel/usr_share_openvswitch_scripts_sysconfig.template /etc/sysconfig/openvswitch

## Edit sysconfig file for BRCOMPAT
sed -i 's/# BRCOMPAT=yes/BRCOMPAT=yes/' /etc/sysconfig/openvswitch

## Create bridge file
vi /etc/sysconfig/network-scripts/ifcfg-ovsbr1
DEVICE=ovsbr1
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
IPADDR=10.0.0.1
NETMASK=255.255.255.0
HOTPLUG=no

## Remove bridge module
rmmod bridge

## Blacklist the bridge module
echo >> /etc/modprobe.d/blacklist.conf <<EOT
# Bridge, using openvswitch instead
blacklist bridge
EOT

## Start openvswitch
service openvswitch start

### This next part is not needed if using OpenStack ###

## (Optional) Add Iptables NAT and Rules
iptables -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A INPUT -i ovsbr1 -j ACCEPT
iptables -A FORWARD -i ovsbr1 -j ACCEPT

## Save iptables rules
service iptables save

## Edit the saved iptables file, remove the FORWARD REJECT
vi /etc/sysconfig/iptables
#-A FORWARD -j REJECT --reject-with icmp-host-prohibited

## Restart iptables
service iptables restart

Startup script for dealing with port forwarding for VM’s and Open vSwitch bridges.

Advertisements

Discussion

6 thoughts on “KVM and OpenVSwitch on Centos 6.3 Minimal

  1. hello. I really appreciate this post.
    But i have some trouble in a step of starting openvswitch service.
    ————————————————————————————————–
    >service openvswitch start
    Inserting openvswitch module FATAL : Module openvswitch not found.
    ————————————————————————————————–
    How to check the openvswitch modules were installed?

    Posted by dbgladiator | November 12, 2012, 9:55 pm
  2. Are you using Centos 6.3 x86_64? if so the module should be in /lib/modules/`uname -r`/extra

    You can try doing a modprobe of the modules in extra and see if they load.

    Make sure you did the rmmod bridge first.

    If you are still having issues, see if you can rerun the make -C line above (line 77) and look for any errors.

    My test system uses kernel 2.6.32-279.el6.x86_64 because of the infiniband drivers I need, but it should work ok with later updates of the kernel within reason.

    I just build openvswitch on 2.6.32-279.11.1.el6.x86_64 and it loaded with no issues using the same steps as above.

    Posted by koaps | November 13, 2012, 1:32 am
  3. Had the same issue. Here is what I did:
    1. Copy virtualswitch.ko to /lib/modules//kernel/net/bridge
    2. run depmod

    Posted by Rossi | December 21, 2012, 10:12 am

Trackbacks/Pingbacks

  1. Pingback: Kicking Centos 6.3 KVM Guests « Nullworks - September 19, 2012

  2. Pingback: CentOS 6 KVM, Bonded and Bridged Networking … | Ian Works Here - March 27, 2013

  3. Pingback: Open vSwitch часть №2. Развертывание | iVirt-it.ru - November 29, 2013

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s