Reflection about general virtualization

English Virtualization
#1

Ok, after all these weeks I must say, I’m very disappointed of Leap 42.3.

Last time I used openSUSE was 3 years ago when it was still plain openSUSE; becoming Leap was supposed to bring more stability to everything in general, but it turned to be just as stable/unstable, or even only more unstable. Now laptop no longer boots.

First of all, I didn’t like how Yast “created the bridge device”:

Yast > System > Network settings > Summary tab
-------- fast ethernet --------- - no ip address – eth0 – slaved in br1
wireless network adapter – not configured --------------------------------
-------- passthrough ----------------------------------- br0 -----------------------
-------- passthrough ----------------- dhcp --------- br1 -----------------------

2 bridge devices instead of just one needed; worse, one faulty created -br0-. Seriously, WTH?

Second, exactly since the moment I enabled wicked for networking Connection settings in Virt-manager NEVER worked: it always makes GNOME crash, and some few times entire kernel. Going back to NetworkManager did not solve, only times it seemingly worked was when unplugging ethernet cable, and I’m not sure since my memory is not good to begin with…
Sometimes the bridged devices did appear in virt-installer’s 5th step, but when trying to create vm error ocurred: “the network device is already in use”

Later, there’s the fact of Suse/openSUSE virtualization docs being not quite good as in lacking information, just liek mentioned in previous threads of mine. Even though there’s the SPICE docs at spice-space website, it wouldn’t be excessive to have this matter covered in Suse docs, SPECIALLY when trying to correctly choose which paravirtualized drivers to use for Windows guests: either fedoraproject’s iso or spice-guest-tools. I think this is not a stupid question, but perhaps some do…
Also the lack of information about this realtively new macvtap driver, and when to use either this one or the common bridging schemes…

Now it’s too late. As I mentioned, now the piece of **** doesn’t boot anymore. Maybe all the attempts I did plus this issue Leap 42.3 shipped with all had to do…

#2

Hi
Yet in my test case I’ve had no issues, but haven’t worried about spice… I used wicked out of the box with the wireless and ethernet bridge for the VM, you seem to be using NetworkManager so that’s where you need to create the bridge not in YaST, delete them or use wicked full time.

All the openSUSE wiki/SDB/documents can be updated by you if that’s deemed necessary, there is no one person responsible for this task…

#3

YaST does nothing different than practically all other virtualization.
In fact, although it requires a little bit of deeper understanding it’s possible to read the documentation from other technologies and see that things are done the same way.

Probably most to the point though is that rejecting experienced advice will always put you on the path of hard knocks and in computing that’s especially costly in time and energy.

I’m not kidding when I say that the moment in a new install you find anomalies you should break everything down and start over.
With time and repetition, you won’t have to pave and re-build as often but in the beginning of every new setup I create (And there have been many, not just specialized platforms but also systems configured for specialized purposes like Development) I can often count on having to re-build plenty of times.

And, that’s why virtualization has been a godsend and primary tool in everything I do…
Once the virtualization is rock solid, then everything built on top of it is vastly accelerated because everything is disposable…
I can create snapshots to test small things or before doing something highly risky…
I can create a full backup as quickly as I can file copy the machine…
I can manage and create iteratively by cloning at various important stages…

But, that can all be done only by doing things <right> in the beginning and without shortcuts (like chasing problems instead of starting over when the whole system is suspect).

As for Spice, it’s an interesting alternative technology but as I stated in the very beginning with no guarantee you’ll get something that’s better than the default. So, there’s not that much interest and you’re pretty much on your own. It’d be very different if a few people explored it and reported objective benefits… And, that’s the way of all community based technologies… Instead of complaining, people have a “can do” approach that rewards the best of what we have.

TSU

#4

No issues here.

I was already using “wicked” before I installed KVM.

I have two bridge devices (“br0” and “br1”). It is “br1” that gives me my connection. I’m assuming that the “br0” has to do with how it is connected to VMs.

If I run another 42.3 in a VM, then while that is running I also seen another network device (in “ifconfig -a” output), that has something like “vnet” associated. The virtual network in that VM is set for “virtio”, so I assume that the additional “ifconfig -a” output is the backend for that “virtio” arrangement.

#5

BTW -
Should never make a diff using Network Manager vs Wicked on the HostoS, you just need to know what you’re doing.
And, of course in the Guest, it doesn’t really make any sense to use Network Manager since the Guest will always see a wired network, it’s only through the virtual network bridging device that is bound to a specific physical interface (outside the Guest) that a specific physical network connection is made.

But again… extending the above I’m not saying that a Guest <can’t> use Network Manager, it’s only that it doesn’t make much sense.
If configured using Network Manager, the Guest should <always> be configured to make a wired network connection, and in general should <never> change even if the physical machine might change network connections (eg from wired to wireless). On the outside however in the Guest Properties, if the physical connection is wireless, you may need to change to MacVtap.

TSU

#6

Could someone explain why Yast creates 2 freaking bridge devices? Shouldn’t just one virbr0 be enough for the entire network virtual networking?

Can’t network manager and virt-manager in general work together really? You know, laptop users do often need to connect to one wireless network and another… Is KVM really meant more for server applications instead or desktop users?

WTH is this “wicked” thing? Is it yet another “courtesy” of Yast? In other distros I only saw network manager and the known network systemd service with all its due scripts. Just either one or another…

What’s this macvtap thing, and in which cases to use it and in which others the known bridging model?
“Macvtap is meant to simplify the bridge-tap model commonly used. No host-guest communication support unless using a 2nd macvtap device”.
This is all I have read about. But seems to be not very liked…

#7

Hi
Have no idea why it creates them…it didn’t for me. So, go delete them, make sure both your ethernet and wireless are unconfigured and switch to NetworkManager. Then once using NetworkManager ensure you delete the ethernet profile and then hit the + button and create a bridge linked to eth0.

Maybe consider installing gnome-boxes then…
https://wiki.gnome.org/Apps/Boxes

#8

YaST doesn’t create bridge devices on its own. It only creates br0 during a Hypervisor and Virtualization install. If you see more, it’s because you either re-ran the install or otherwise created on your own.

Not KVM, but the default KVM setup <is> used more often in “serious” Production systems than as casual User setups, but not impossible. After all many people who learn KVM do so on their own personal machines which can be laptops. But, I’d say that most casual Users use Virtualbox or VMware instead (and there are other fine choices as well although not as commonly used).

I already stated in an above post that there is no reason why Network Manager can’t be used in either the Guest or HostOS, but there is no real reason to use it in a Guest and you only need to know what you’re doing to use it in the HostOS. If you <understand> how virtual networking bridging devices work and optionally MacVtap for those very few special situations, it’s really no big deal switching from Wicked to Network Manager (or back). If you don’t understand something ask <specific questions> after trying to think through the various concepts on your own.

Wicked in an enhanced shell over the classical ifup/ifdown. All older commands should be supported plus some enhancements which will likely be added over time. Wicked is fairly new, and a SUSE/openSUSE concept, only a few years old.

I’ve used MacVtap when I’m doing pentesting, specifically running aircrack-ng which generally requires direct network device hardware access so as to run in promiscuous mode and capture packets over the air.
I’ve never preferred or recommended using anything other than “ordinary” virtual network bridging devices for everything else.

TSU

#9

I do know these bridge devices should be used normally for virtual guest installations (not considering other more advanced usage), and that as far as a guest sees it just has a “baremetal wired connection”. I already understood as well that a bridge is (or should be) just created, not “configured”. I did think however that there were clear differences between each bridge “type” depending of what created them, whether br0 or virbr0…

For an ordinary desktop user, when creating a bridge from virt-manager one should set the brodge mode to NAT, right?

I asked about network manager because back when still testing I often got error messages when trying to create a bridge either from Yast (with wicked) and with virt-manager (with both wicked and network manger). Such message was something like “cannot complete setup: device is already in use”. Actually I tried several times the exercise of creating a bridge; sometimes it succeeded, sometimes I got the mentioned error. Never found out the error sources…

@malcolmlewis:

In a post of yours, 3rd screenshot, I noticed an oddity: if you use wicked, why do you have the network manager icon back in the top right corner?

#10

Hi
Correct, it’s a local machine, I’m connecting to the remote machine (bert) to the VM over ssh one of the great things about virt-manager :wink:

I have multiple machines, multiple screens, one keyboard and mouse and use qsynergy to move from machine/screen to machine/screen as well.

#11

You’ll forgive me I hope if I don’t answer this here for maybe the sixth time this past week in previous threads in which I think I answered in the clearest and most plain language, including descriptive examples.

All things being equal, I always recommend a NAT network for the following reasons which maximize success and avoids mistakes

  • A DHCP service can be provided automatically to the Guest. Many times for example people will use the br0 device in combination with the Guest configured as a DHCP client and don’t have a DHCP server configured properly on the physical network or make mistakes configuring a static address network configuration completely.
  • The Guest won’t conflict with other machines that already exist.

The only practical reason not to use a NAT bridge device is if the VM is a server providing network services to the LAN.

Don’t know what your error refers to because I’d need more info.
But, I guess I’d suspect that somehow you are trying to create a bridge device named the same as an existing device (every bridge device must be uniquely named).
As I described recently in a thread, you can run the following command which displays all existing bridge devices on the machine, no matter how it was created

brctl show

TSU