网桥虚拟机

网桥虚拟机

  这里是一个通过网桥连接两个虚拟机的实验。
  实验环境:
  Linux版本:

# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)

  bridge-utils的版本:

# rpm -qa | grep bridge-utils
bridge-utils-1.5-9.el7.x86_64

  确认安装了qemu-kvm:

# rpm -qa | grep qemu-kvm
qemu-kvm-common-1.5.3-156.el7_5.5.x86_64
qemu-kvm-1.5.3-156.el7_5.5.x86_64

  确认安装了libvirt:

# rpm -qa | grep libvirt
libvirt-daemon-driver-lxc-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-core-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-qemu-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-network-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-mpath-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-3.9.0-14.el7_5.7.x86_64
libvirt-libs-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-nwfilter-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-secret-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-iscsi-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-rbd-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-interface-3.9.0-14.el7_5.7.x86_64
libvirt-3.9.0-14.el7_5.7.x86_64
libvirt-client-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-config-nwfilter-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-nodedev-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-scsi-3.9.0-14.el7_5.7.x86_64
libvirt-glib-1.0.0-1.el7.x86_64
libvirt-daemon-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-logical-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-gluster-3.9.0-14.el7_5.7.x86_64
libvirt-python-3.9.0-1.el7.x86_64
libvirt-daemon-config-network-3.9.0-14.el7_5.7.x86_64
libvirt-daemon-driver-storage-disk-3.9.0-14.el7_5.7.x86_64

  确认libvirtd已经启动:

# systemctl status libvirtd

  当libvirtd启动时,会自动创建网桥virbr0;

# brctl show
bridge name bridge id STP enabled interfaces
virbr0 8000.000000000000 yes

  首先,我们创建一个网桥br0:

# brctl addbr br0

  查看网桥:

[root@localhost ~]# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.000000000000 no

  说明网桥br已经创建成功了。
  然后,我们将enp2s0加入网桥br0

# brctl addif br0 enp2s0

  将enp2s0加入网桥br0后,则enp2s0上的IP地址会失效,意味着如果我们是通过ssh远程连接到系统,则执行完命令后网络就断开。
  本地登录系统,给网桥br0设置原enp2s0上的IP地址:

# ifconfig br0 192.168.1.102/24 up

  使用ssh重新连接系统,发送已经可以连通了。
  查看网桥:

# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.1c1b0ddd1968 no enp2s0
virbr0 8000.000000000000 yes

  查看网络接口:

# ifconfig
br0: flags=4163 mtu 1500
        inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255
        inet6 fe80::1e1b:dff:fedd:1968 prefixlen 64 scopeid 0x20
        ether 1c:1b:0d:dd:19:68 txqueuelen 0 (Ethernet)
        RX packets 1960 bytes 211307 (206.3 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 5605 bytes 7030012 (6.7 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp2s0: flags=4163 mtu 1500
        ether 1c:1b:0d:dd:19:68 txqueuelen 1000 (Ethernet)
        RX packets 2305 bytes 354485 (346.1 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 5607 bytes 7030416 (6.7 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73 mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10
        loop txqueuelen 0 (Local Loopback)
        RX packets 1921 bytes 6867860 (6.5 MiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 1921 bytes 6867860 (6.5 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

virbr0: flags=4099 mtu 1500
        inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
        ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 0 bytes 0 (0.0 B)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

  可以发现br0已经成功设置了IP地址:192.168.1.102。
  两个虚拟机:VM1和VM2,添加网络设备时选择Bridge br0: Host device enp2s0
  虚拟机VM1的网络接口截图:

  虚拟机VM2的网络接口截图:

  启动虚拟机VM1后,会在host上自动生成网络接口vnet0

# ifconfig
br0: flags=4163 mtu 1500
        inet 192.168.1.102 netmask 255.255.255.0 broadcast 192.168.1.255
        inet6 fe80::1e1b:dff:fedd:1968 prefixlen 64 scopeid 0x20
        ether 1c:1b:0d:dd:19:68 txqueuelen 0 (Ethernet)
        RX packets 6449 bytes 512087 (500.0 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 24020 bytes 32858430 (31.3 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

enp2s0: flags=4163 mtu 1500
        ether 1c:1b:0d:dd:19:68 txqueuelen 1000 (Ethernet)
        RX packets 6990 bytes 786809 (768.3 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 24036 bytes 32860606 (31.3 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73 mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10
        loop txqueuelen 0 (Local Loopback)
        RX packets 4641 bytes 31825276 (30.3 MiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 4641 bytes 31825276 (30.3 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

virbr0: flags=4099 mtu 1500
        inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
        ether 00:00:00:00:00:00 txqueuelen 0 (Ethernet)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 0 bytes 0 (0.0 B)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

vnet0: flags=4163 mtu 1500
        ether fe:54:00:02:be:54 txqueuelen 500 (Ethernet)
        RX packets 13 bytes 1518 (1.4 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 11 bytes 1832 (1.7 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

  并且可以看出生成的网络接口vnet0是连接到网桥br0上的:

# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.1c1b0ddd1968 no enp2s0
vnet0
virbr0 8000.000000000000 yes

  同理,启动虚拟机VM2后,会自动生成网络接口vnet1,并且vnet1也是连接到网桥br0上的。
  登录到虚拟机VM1,通过命令ip addr可以看到VM1中有一个网络接口ens8,其从DHCP获取的IP是192.168.1.5:

# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
2: ens8: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:02:be:54 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.5/24 brd 192.168.1.255 scope global dynamic ens8
     valid_lft 6568sec preferred_lft 6568sec
    inet6 fe80::5054:ff:fe02:be54/64 scope link
     valid_lft forever preferred_lft forever

  同理,VM2获取的IP是192.168.1.6:

# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
2: ens8: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:e7:d1:84 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.6/24 brd 192.168.1.255 scope global dynamic ens8
     valid_lft 6626sec preferred_lft 6626sec
    inet6 fe80::5054:ff:fee7:d184/64 scope link
     valid_lft forever preferred_lft forever

  对于四个主体:VM1、VM2、主机host和外网,可以通过ping测试其连通性。经测试这四个主体是互相连接的。