Saturday, November 16, 2024

Configuring Open vSwitch on CentOS | RHEL | Fedora

In our recent guide we discussed the installation of Open vSwitch on a CentOS / RHEL 8 Linux server. This article continues from there and shows how to configure network interfaces for use with Open vSwitch. I’ll demonstrate creating VLAN interfaces, OVS bridges and bonds with Open vSwitch, either by manually editing configuration files or by using helper command line tools such as os-net-config.

I find the os-net-config script to be the best and most efficient way of configuring Open vSwitch, as opposed to manually editing the configuration files on your CentOS, RHEL or Fedora Linux system. This is the method we’ll stick to in this guide, but you can refer to the generated network configuration scripts to see how the actual lines should be added manually.

Step 1: Install Open vSwitch on CentOS | RHEL | Fedora

You might already have Open vSwitch installed on the machine that you’re working on. If not installed, refer to our guide below for installation on RHEL / CentOS 8:

For CentOS 7, use the commands:

sudo yum install -y epel-release centos-release-openstack-train
sudo yum install openvswitch libibverbs

On Fedora:

sudo dnf -y install openvswitch libibverbs

Start and enable the openvswitch service:

sudo systemctl enable --now openvswitch

Validate by checking service status:

$ systemctl status openvswitch
● openvswitch.service - Open vSwitch
   Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; enabled; vendor preset: disabled)
   Active: active (exited) since Sat 2020-06-06 13:56:42 UTC; 1s ago
  Process: 5826 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 5826 (code=exited, status=0/SUCCESS)

Step 2: Install os-net-config network configuration tool

Next, let’s install the os-net-config CLI tool, which configures host networking from a YAML or JSON file.

By default, os-net-config uses a YAML config file located at /etc/os-net-config/config.yaml. This can be changed with the --config-file (-c) CLI option.

Option 1: Install os-net-config from OpenStack repository

If you have OpenStack repository configured, you can install the tool from it.

sudo yum -y install vim os-net-config

Check more details about the package:

$ rpm -qi os-net-config
Name        : os-net-config
Version     : 15.2.0
Release     : 1.el8
Architecture: noarch
Install Date: Mon Sep  5 15:53:57 2022
Group       : Unspecified
Size        : 3966230
License     : ASL 2.0
Signature   : RSA/SHA256, Thu Apr 21 17:13:59 2022, Key ID f9b9fee7764429e6
Source RPM  : os-net-config-15.2.0-1.el8.src.rpm
Build Date  : Wed Apr 13 15:51:28 2022
Build Host  : x86-06.rdu2.centos.org
Relocations : (not relocatable)
Packager    : CBS <[email protected]>
Vendor      : CentOS Community Build Service
URL         : http://pypi.python.org/pypi/os-net-config
Summary     : Host network configuration tool
Description :
Host network configuration tool for OpenStack.

Option 2: Install os-net-config using Pip

The os-net-config network configuration tool is distributed as a Python package that can be installed with pip or pip3:

Fedora / CentOS 8:

sudo dnf -y install python3-pip
sudo pip3 install os-net-config

CentOS 7:

sudo yum install -y epel-release
sudo yum -y install python-pip
sudo pip install os-net-config

If the installation is successful, you should see output at the end similar to the following.

....
Downloading https://files.pythonhosted.org/packages/df/f5/9c052db7bd54d0cbf1bc0bb6554362bba1012d03e5888950a4f5c5dadc4e/scandir-1.10.0.tar.gz
Installing collected packages: pbr, anyjson, six, monotonic, dnspython, greenlet, enum34, eventlet, iso8601, netaddr, wrapt, debtcollector, stevedore, oslo.i18n, rfc3986, PyYAML, certifi, idna, chardet, urllib3, requests, oslo.config, pytz, netifaces, pyparsing, oslo.utils, fasteners, oslo.concurrency, pyrsistent, attrs, unknown, unknown, contextlib2, scandir, pathlib2, importlib-metadata, functools32, jsonschema, pyudev, os-net-config
  Running setup.py install for anyjson ... done
  Running setup.py install for wrapt ... done
  Running setup.py install for debtcollector ... done
  Running setup.py install for stevedore ... done
  Running setup.py install for oslo.i18n ... done
  Running setup.py install for PyYAML ... done
  Found existing installation: chardet 2.2.1
    Uninstalling chardet-2.2.1:
      Successfully uninstalled chardet-2.2.1
  Running setup.py install for oslo.config ... done
  Running setup.py install for oslo.utils ... done
  Running setup.py install for oslo.concurrency ... done
  Running setup.py install for pyrsistent ... done
  Running setup.py install for unknown ... done
  Running setup.py install for unknown ... done
  Running setup.py install for scandir ... done
  Running setup.py install for functools32 ... done
  Found existing installation: pyudev 0.15
    Uninstalling pyudev-0.15:
      Successfully uninstalled pyudev-0.15
  Running setup.py install for pyudev ... done
  Running setup.py install for os-net-config ... done
Successfully installed PyYAML-5.3.1 anyjson-0.3.3 attrs-19.3.0 certifi-2020.4.5.1 chardet-3.0.4 contextlib2-0.6.0.post1 debtcollector-2.1.0 dnspython-1.16.0 enum34-1.1.10 eventlet-0.25.2 fasteners-0.15 functools32-3.2.3.post2 greenlet-0.4.16 idna-2.9 importlib-metadata-1.6.1 iso8601-0.1.12 jsonschema-3.2.0 monotonic-1.5 netaddr-0.7.19 netifaces-0.10.9 os-net-config-12.3.0 oslo.concurrency-4.1.0 oslo.config-8.1.0 oslo.i18n-5.0.0 oslo.utils-4.2.0 pathlib2-2.3.5 pbr-5.4.5 pyparsing-2.4.7 pyrsistent-0.16.0 pytz-2020.1 pyudev-0.22.0 requests-2.23.0 rfc3986-1.4.0 scandir-1.10.0 six-1.15.0 stevedore-2.0.0 unknown-0.0.0 unknown-0.0.0 urllib3-1.25.9 wrapt-1.12.1
You are using pip version 8.1.2, however version 20.1.1 is available.
You should consider upgrading via the 'pip install --upgrade pip' command.

Confirm if the command is in your PATH after installation.

$ which os-net-config
/usr/bin/os-net-config

Step 3: Configure Open vSwitch with os-net-config

After installing both the openvswitch package and the os-net-config command line tool, we can begin to configure OVS interfaces, bridges and bonds as demanded by your use case.

Example 1: Single interface configuration with Static IP Address

Create a YAML configuration file:

vim ovs-interface.yml

Add the following configuration.

network_config:
  - type: interface
    name: eth1
    use_dhcp: false
    use_dhcpv6: false
    addresses:
    - ip_netmask: 172.21.200.10/24
    routes:
      - ip_netmask: 0.0.0.0/0
        next_hop: 172.21.200.254
        default: true

This will configure the eth1 interface with the static IP address 172.21.200.10/24 and gateway 172.21.200.254.

Apply configuration:

sudo os-net-config -c ovs-interface.yml

Example 2: Configure OVS bridge with a single attached interface (port)

For bridge creation, the configuration file looks like below.

$ vim ovs-bridge-single-interface.yml
network_config:
  - type: ovs_bridge
    name: br-ex
    use_dhcp: false
    use_dhcpv6: false
    addresses:
    - ip_netmask: 172.21.200.10/24
    routes:
      - ip_netmask: 0.0.0.0/0
        next_hop: 172.21.200.254
        default: true
    members:
      -
        type: interface
        name: eth1

Make your changes, then apply the configuration:

os-net-config -c <yaml-file>

Example 3: Configure an OVS bridge on top of an OVS bond

Here is the configuration for an OVS bridge created on an OVS bond.

network_config:
  - type: ovs_bridge
    name: br-ex
    use_dhcp: true
    members:
      - type: ovs_bond
        name: bond1
        members:
          - type: interface
            name: em1
          - type: interface
            name: em2

Example 4: Configure a tagged VLAN interface on top of an OVS bridge

network_config:
  - type: ovs_bridge
    name: br-ctlplane
    use_dhcp: true
    members:
      - type: interface
        name: em1
      - type: vlan
        vlan_id: 20
        addresses:
          - ip_netmask: 192.0.2.1/24

Example 5: Create an OVS Bond

This example will only create an OVS bond.

network_config:
  - type: ovs_bridge
    name: bond1
    use_dhcp: true
    members:
      - type: interface
        name: eno1
      - type: interface
        name: eno2
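
A pre-flight check for configurations like the ones above, as an added example that is not from the original article or the os-net-config project. It lints a network_config structure, assumed to be already loaded from the YAML file into Python lists and dicts, for mistakes that commonly cut a host off the network when applied over SSH. The lint() function and the GOOD and BAD samples are hypothetical names constructed for illustration.

```python
import ipaddress

def lint(network_config):
    """Return a list of findings for an os-net-config style network_config list."""
    findings, seen = [], {}
    def walk(obj, parent=None):
        kind, name = obj.get("type"), obj.get("name", "<unnamed>")
        nets = [ipaddress.ip_interface(a["ip_netmask"]).network
                for a in obj.get("addresses", [])]
        # A gateway outside every configured subnet is not on-link and unreachable.
        for r in obj.get("routes", []):
            hop = ipaddress.ip_address(r["next_hop"])
            if nets and not any(hop in n for n in nets):
                findings.append(f"{name}: next_hop {hop} is not in any local subnet")
        # 802.1Q allows VLAN IDs 1-4094 only.
        if kind == "vlan" and not 1 <= int(obj.get("vlan_id", 0)) <= 4094:
            findings.append(f"vlan_id {obj.get('vlan_id')} is outside 1-4094")
        # OVS needs at least two interfaces to form a bond.
        if kind == "ovs_bond" and len(obj.get("members", [])) < 2:
            findings.append(f"{name}: bond has fewer than two members")
        if kind == "interface" and parent:
            # A NIC can be a port of only one bridge or bond.
            if name in seen:
                findings.append(f"{name}: attached to both {seen[name]} and {parent}")
            seen[name] = parent
            # Once attached as a port, the NIC's own IP stops working; put it on the bridge.
            if obj.get("addresses"):
                findings.append(f"{name}: static IP on a port of {parent}")
        for m in obj.get("members", []):
            walk(m, name)
    for top in network_config:
        walk(top)
    return findings

# Constructed samples: Example 2 from the page (abridged) as a dict, and a broken variant.
GOOD = [{"type": "ovs_bridge", "name": "br-ex", "use_dhcp": False,
         "addresses": [{"ip_netmask": "172.21.200.10/24"}],
         "routes": [{"ip_netmask": "0.0.0.0/0", "next_hop": "172.21.200.254"}],
         "members": [{"type": "interface", "name": "eth1"}]}]
BAD = [{"type": "ovs_bridge", "name": "br-ex",
        "addresses": [{"ip_netmask": "172.21.200.10/24"}],
        "routes": [{"ip_netmask": "0.0.0.0/0", "next_hop": "172.21.201.254"}],
        "members": [{"type": "ovs_bond", "name": "bond1",
                     "members": [{"type": "interface", "name": "eth1"}]},
                    {"type": "interface", "name": "eth1"},
                    {"type": "vlan", "vlan_id": 4095}]}]

if __name__ == "__main__":
    for finding in lint(BAD):
        print("WARN", finding)
```

An empty result does not prove the configuration is safe to apply; keep console access available when changing the interface that carries your SSH session.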

Checking OVS Configurations

Once you’ve applied the OVS configurations, network configuration scripts will be added automatically to the /etc/sysconfig/network-scripts/ directory.

$ ls /etc/sysconfig/network-scripts/

You can verify OVS settings and port connections using the ovs-vsctl command:

$ ovs-vsctl show

Step 4: Create KVM network with OVS

If you’re using Open vSwitch with KVM virtualization, you’ll need to define a network that Virtual Machines will use.

Create a new bridge XML file.

vim kvm-ovs.xml

Add bridge details to the file.

<network>
  <name>ovs-bridge</name>
  <forward mode='bridge'/>
  <bridge name='br-ex'/>
  <virtualport type='openvswitch'/>
</network>

Where:

  • ovs-bridge is the name of the libvirt network to be created.
  • br-ex is the name of the OVS bridge that the created network will use.

To define a network from an XML file without starting it, use:

sudo virsh net-define kvm-ovs.xml

To start a (previously defined) inactive network, use:

sudo virsh net-start ovs-bridge

To set the network to autostart at service start:

sudo virsh net-autostart ovs-bridge

Confirm that the Autostart flag is set to yes; Persistent should read yes as well.

$ sudo virsh net-list --all
 Name              State    Autostart   Persistent
----------------------------------------------------
 ovs-bridge        active   yes         yes
 default           active   yes         yes

Stay tuned for more guides on OVS.

Dominic Rubhabha-Wardslaus