Oracle 12c RAC ASM Flex Cluster on LXC Linux Containers Ubuntu 14.10

This blog post is intended to be a complete, comprehensive step-by-step how-to for installing Oracle 12c RAC GNS ASM Flex Cluster on Ubuntu 14.10 using Oracle Enterprise Linux 6.5 LXC Linux Containers and OpenvSwitch.

Updated Begin for Ubuntu 15.04 2015-05-16

I recently upgraded my laptop to Ubuntu 15.04 and there were a few issues which were resolved which had to do with SCST. The cpu_mask issue is a reported bug in SCST. Bart Van Assche responded back to my SCST list server enquiry with the following information:

Until June 2014 there was a bug in the SCST code for parsing cpu masks. You may have hit that bug. Updating to SCST trunk r5596 or later or to the latest version of the SCST 3.0 branch should resolve the issue related to parsing cpu masks.

Update End for Ubuntu 15.04 2015-05-16

This guide is also a de-facto recipe for creating an OpenvSwitch-based Ubuntu Linux [ desktop | laptop ] networking environment that accomplishes a number of key goals as enumerated below.

Design Assumptions

This set of procedures has been tested and built on a fresh install of the following Ubuntu distributions. Installation on matching Ubuntu installations which have been running for a few months or years and have been customized could possibly introduce variations of existing configuration that could cause the steps described in this blog to have results different from the desired and expected results, YMMV. This blog to reiterate assumes a fresh install of the following distributions, and has been built and tested successfully on all of the following distributions of Ubuntu Linux.

• Ubuntu 14.04 64-bit desktop edition

• Ubuntu 14.10 64-bit desktop edition

• Ubuntu 15.04 64-bit desktop edition

Note, if installing Ubuntu 14.04 or 14.10 fresh for this work, do NOT accept the "download updates during install" option. The reason is because these updates contain a number of CVE kernel security updates, and this procedure uses the post install Ubuntu CVE updates to check and verify correct operation of Oracle Ksplice, so, in other words, Oracle Ksplice will handle the post-install CVE kernel security updates. Once KSplice operation has been so verified, Ubuntu Software Updater can be used for updates going forward as normal. Oracle KSplice can be used for urgent CVE kernel security updates with zero downtime as needed.

Definitions

DEU

Density and elasticity unit. What formerly was called a "VM" but which now, with the advent of Linux Containers, requires imho a new term which includes density and elasticity solutions such as LXC which do not use hardware virtualization and as such are not "machines" at all. So in this blog, a "DEU" will be used as the all-inclusive term to describe a single "VM" or "LXC Linux Container".

VM

A type of DEU which uses a hypervisor to virtualize (emulate using software) the hardware layers of an actual physical machine and provides what is often called a "guest" operating system.

LXC

The term LXC will be used interchangeably according to context to either mean the software called LXC which is a Linux Container software in the same category as OpenVZ and others, and in other contexts, LXC may be used to denote a specific single LXC DEU which is running on LXC software.

Design Features

1. No changes to Ubuntu dnsmasq-base default network, i.e is a pure add-on networking overlay;

2. Does not require any changes to Ubuntu NetworkManager or to default Ubuntu networking;

3. Does not require any removal of Linux Bridge software;

4. No physical interfaces directly to the OpenvSwitch (iptables/NAT/masq for external address resolution);

5. Allows external interface switching on LXC containers are running with NO loss of www DNS resolution;

6. Automatic internet-connected interface (eth0, wlan0, bnep0) detection and connection to OpenvSwitch;

7. Uses OpenvSwitch as the networking solution for LXC, KVM and VirtualBox DEUs;

8. Uses bind9 for OpenvSwitch DNS;

9. Uses isc-dhcp-server for OpenvSwitch DHCP services;

10. Integrates DNS and DHCP to update DNS automatically when new DEUs are added;

11. Uses the built-in Ubuntu dnsmasq-base for Ubuntu default networking.

12. Because it's LXC, VT-d and VT-x are NOT needed so older laptops and desktops without VT-d/x should be able to run LXC

The installation of bind9 is constructed so as not to interfere with the default Ubuntu desktop; that is, both bind9 and dnsmasq-base coexist peacefully and successfully so that even with the OpenvSwitch and bind9 installed, all the features of Ubuntu NetworkManager are preserved, including use of WIFI network manager, VPN manager, and in general ALL default and configurable features of Ubuntu NetworkManager.

Install Synaptic Package Manager (optional)

Synaptic Package Manager is not required, but has some very nice features so it can be installed. It was the GUI for package management in Ubuntu Linux desktop prior to the introduction of the "Ubuntu Software Manager". Both tools can coexist, and synaptic can sometimes be very useful for some tasks.

gstanden@W520:~$ sudo apt-get install synaptic

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following extra packages will be installed:

docbook-xml libcairo-perl libept1.4.12 libglib-perl libgtk2-perl libpango-perl librarian0 rarian-compat sgml-data

Suggested packages:

docbook docbook-dsssl docbook-xsl docbook-defguide libfont-freetype-perl libgtk2-perl-doc perlsgml w3-recs opensp libxml2-utils dwww menu deborphan tasksel

The following NEW packages will be installed:

docbook-xml libcairo-perl libept1.4.12 libglib-perl libgtk2-perl libpango-perl librarian0 rarian-compat sgml-data synaptic

0 upgraded, 10 newly installed, 0 to remove and 79 not upgraded.

Need to get 3,396 kB of archives.

After this operation, 17.5 MB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/main libept1.4.12 amd64 1.0.12 [142 kB]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic/main sgml-data all 2.0.9-1 [277 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main docbook-xml all 4.5-7.2 [336 kB]

Get:4 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libcairo-perl amd64 1.104-1build1 [91.9 kB]

Get:5 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libglib-perl amd64 3:1.305-1build1 [334 kB]

Get:6 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libpango-perl amd64 1.226-1build1 [187 kB]

Get:7 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libgtk2-perl amd64 2:1.2492-2 [560 kB]

Get:8 http://us.archive.ubuntu.com/ubuntu/ utopic/main librarian0 amd64 0.8.1-6 [50.4 kB]

Get:9 http://us.archive.ubuntu.com/ubuntu/ utopic/main rarian-compat amd64 0.8.1-6 [55.7 kB]

Get:10 http://us.archive.ubuntu.com/ubuntu/ utopic/universe synaptic amd64 0.81.2 [1,361 kB]

Fetched 3,396 kB in 3s (884 kB/s)

Selecting previously unselected package libept1.4.12:amd64.

(Reading database ... 169725 files and directories currently installed.)

Preparing to unpack .../libept1.4.12_1.0.12_amd64.deb ...

Unpacking libept1.4.12:amd64 (1.0.12) ...

Selecting previously unselected package sgml-data.

Preparing to unpack .../sgml-data_2.0.9-1_all.deb ...

Unpacking sgml-data (2.0.9-1) ...

Selecting previously unselected package docbook-xml.

Preparing to unpack .../docbook-xml_4.5-7.2_all.deb ...

Unpacking docbook-xml (4.5-7.2) ...

Selecting previously unselected package libcairo-perl.

Preparing to unpack .../libcairo-perl_1.104-1build1_amd64.deb ...

Unpacking libcairo-perl (1.104-1build1) ...

Selecting previously unselected package libglib-perl.

Preparing to unpack .../libglib-perl_3%3a1.305-1build1_amd64.deb ...

Unpacking libglib-perl (3:1.305-1build1) ...

Selecting previously unselected package libpango-perl.

Preparing to unpack .../libpango-perl_1.226-1build1_amd64.deb ...

Unpacking libpango-perl (1.226-1build1) ...

Selecting previously unselected package libgtk2-perl.

Preparing to unpack .../libgtk2-perl_2%3a1.2492-2_amd64.deb ...

Unpacking libgtk2-perl (2:1.2492-2) ...

Selecting previously unselected package librarian0.

Preparing to unpack .../librarian0_0.8.1-6_amd64.deb ...

Unpacking librarian0 (0.8.1-6) ...

Selecting previously unselected package rarian-compat.

Preparing to unpack .../rarian-compat_0.8.1-6_amd64.deb ...

Unpacking rarian-compat (0.8.1-6) ...

Selecting previously unselected package synaptic.

Preparing to unpack .../synaptic_0.81.2_amd64.deb ...

Unpacking synaptic (0.81.2) ...

Processing triggers for sgml-base (1.26+nmu4ubuntu1) ...

Processing triggers for man-db (2.7.0.2-2) ...

Processing triggers for doc-base (0.10.6) ...

Scrollkeeper was installed, forcing re-registration of all documents.

Unregistering 34 doc-base files, re-registering 34 doc-base files...

Registering documents with scrollkeeper...

Processing triggers for gnome-menus (3.10.1-0ubuntu2) ...

Processing triggers for desktop-file-utils (0.22-1ubuntu2) ...

Processing triggers for bamfdaemon (0.5.1+14.10.20140925-0ubuntu1) ...

Rebuilding /usr/share/applications/bamf-2.index...

Processing triggers for mime-support (3.55ubuntu1) ...

Processing triggers for hicolor-icon-theme (0.13-1) ...

Setting up libept1.4.12:amd64 (1.0.12) ...

Setting up sgml-data (2.0.9-1) ...

Setting up libcairo-perl (1.104-1build1) ...

Setting up libglib-perl (3:1.305-1build1) ...

Setting up libpango-perl (1.226-1build1) ...

Setting up libgtk2-perl (2:1.2492-2) ...

Setting up librarian0 (0.8.1-6) ...

Setting up synaptic (0.81.2) ...

Processing triggers for sgml-base (1.26+nmu4ubuntu1) ...

Setting up docbook-xml (4.5-7.2) ...

Processing triggers for sgml-base (1.26+nmu4ubuntu1) ...

Setting up rarian-compat (0.8.1-6) ...

Processing triggers for libc-bin (2.19-10ubuntu2) ...

gstanden@W520:~$

Install Oracle Ksplice (optional)

Oracle Ksplice is a free product for Ubuntu Linux which allows updates of kernel software with no downtime. Oracle Ksplice is not required for this project, but as Wim Coaekerts has pointed out here, Oracle Ksplice is likely to play a big role for organizations using Linux Containers, because Ksplice allows zero downtime kernel security patching. So it is included in this blog as part of this build, especially since Ksplice is free to install and use the service for Ubuntu Linux.

Oracle Ksplice will be a key part of any LXC Linux Container deployment because it allows all LXC Containers to continue running during security updates to the single kernel used by all LXC containers on the system. Installation of Ksplice for Ubuntu 14.10 is detailed here.

Note, however, that I found that the instructions given at that link DO NOT work for Ubuntu 14.04 nor for Ubuntu 14.10 desktops. In particular, the Oracle agreement popups do not launch from the Ubuntu Software Manager. Thus KSplice must be installed as shown below. Along the way a couple of screens will appear that require accepting license terms etc. Accept the terms and continue. KSplice Uptrack is successfully installed. Installing KSplice I found required attempting to install using Ubuntu Software Center, which fails (screen goes gray), then killing the Ubuntu Software Center screen (force quit) and then running the install with dpkg -i command. There's probably a better way but this works.

Install Pre-requisite Packages for Oracle KSplice

Next install the pre-requisite packages for KSplice. Some of them will already be present, but issue the command with all of them to be sure to get all required Ksplice pre-requisite packages installed.

gstanden@W520:~/Downloads$ sudo apt-get install python python-support debconf python-yaml uuid-runtime gnupg python-pycurl lsb-base python-gtk2 python-glade2 gksu dbus dbus-x11 python-dbus consolekit librsvg2-common module-init-tools lsb-release dmidecode iproute util-linux cron debconf curl

Reading package lists... Done

Building dependency tree

Reading state information... Done

cron is already the newest version.

debconf is already the newest version.

dmidecode is already the newest version.

gnupg is already the newest version.

iproute is already the newest version.

librsvg2-common is already the newest version.

lsb-base is already the newest version.

lsb-release is already the newest version.

module-init-tools is already the newest version.

python is already the newest version.

python-dbus is already the newest version.

python-gtk2 is already the newest version.

util-linux is already the newest version.

uuid-runtime is already the newest version.

The following extra packages will be installed:

libck-connector0 libcurl3 libgksu2-0 libglade2-0 libpam-ck-connector libyaml-0-2

Suggested packages:

python-gtk2-doc libcurl4-gnutls-dev python-pycurl-dbg python-pycurl-doc

The following NEW packages will be installed:

consolekit curl gksu libck-connector0 libgksu2-0 libglade2-0 libpam-ck-connector libyaml-0-2 python-glade2 python-pycurl python-support python-yaml

The following packages will be upgraded:

dbus dbus-x11 libcurl3

3 upgraded, 12 newly installed, 0 to remove and 76 not upgraded.

Need to get 1,028 kB of archives.

After this operation, 2,962 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/main libck-connector0 amd64 0.4.6-5 [8,784 B]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main libcurl3 amd64 7.37.1-1ubuntu3.1 [178 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main libglade2-0 amd64 1:2.6.4-2 [44.6 kB]

Get:4 http://us.archive.ubuntu.com/ubuntu/ utopic/main libyaml-0-2 amd64 0.1.6-1 [47.4 kB]

Get:5 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main dbus amd64 1.8.8-1ubuntu2.1 [243 kB]

Get:6 http://us.archive.ubuntu.com/ubuntu/ utopic/main consolekit amd64 0.4.6-5 [77.3 kB]

Get:7 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main curl amd64 7.37.1-1ubuntu3.1 [126 kB]

Get:8 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main dbus-x11 amd64 1.8.8-1ubuntu2.1 [21.3 kB]

Get:9 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libgksu2-0 amd64 2.0.13~pre1-6ubuntu7 [72.1 kB]

Get:10 http://us.archive.ubuntu.com/ubuntu/ utopic/universe gksu amd64 2.0.2-6ubuntu2 [27.8 kB]

Get:11 http://us.archive.ubuntu.com/ubuntu/ utopic/main libpam-ck-connector amd64 0.4.6-5 [7,616 B]

Get:12 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-glade2 amd64 2.24.0-3ubuntu3 [8,744 B]

Get:13 http://us.archive.ubuntu.com/ubuntu/ utopic/universe python-support all 1.0.15 [26.7 kB]

Get:14 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-yaml amd64 3.11-1 [103 kB]

Get:15 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-pycurl amd64 7.19.5-3ubuntu1 [36.2 kB]

Fetched 1,028 kB in 3s (262 kB/s)

Selecting previously unselected package libck-connector0:amd64.

(Reading database ... 170668 files and directories currently installed.)

Preparing to unpack .../libck-connector0_0.4.6-5_amd64.deb ...

Unpacking libck-connector0:amd64 (0.4.6-5) ...

Preparing to unpack .../libcurl3_7.37.1-1ubuntu3.1_amd64.deb ...

Unpacking libcurl3:amd64 (7.37.1-1ubuntu3.1) over (7.37.1-1ubuntu3) ...

Selecting previously unselected package libglade2-0:amd64.

Preparing to unpack .../libglade2-0_1%3a2.6.4-2_amd64.deb ...

Unpacking libglade2-0:amd64 (1:2.6.4-2) ...

Selecting previously unselected package libyaml-0-2:amd64.

Preparing to unpack .../libyaml-0-2_0.1.6-1_amd64.deb ...

Unpacking libyaml-0-2:amd64 (0.1.6-1) ...

Preparing to unpack .../dbus_1.8.8-1ubuntu2.1_amd64.deb ...

Unpacking dbus (1.8.8-1ubuntu2.1) over (1.8.8-1ubuntu2) ...

Selecting previously unselected package consolekit.

Preparing to unpack .../consolekit_0.4.6-5_amd64.deb ...

Unpacking consolekit (0.4.6-5) ...

Selecting previously unselected package curl.

Preparing to unpack .../curl_7.37.1-1ubuntu3.1_amd64.deb ...

Unpacking curl (7.37.1-1ubuntu3.1) ...

Preparing to unpack .../dbus-x11_1.8.8-1ubuntu2.1_amd64.deb ...

Unpacking dbus-x11 (1.8.8-1ubuntu2.1) over (1.8.8-1ubuntu2) ...

Selecting previously unselected package libgksu2-0.

Preparing to unpack .../libgksu2-0_2.0.13~pre1-6ubuntu7_amd64.deb ...

Unpacking libgksu2-0 (2.0.13~pre1-6ubuntu7) ...

Selecting previously unselected package gksu.

Preparing to unpack .../gksu_2.0.2-6ubuntu2_amd64.deb ...

Unpacking gksu (2.0.2-6ubuntu2) ...

Selecting previously unselected package libpam-ck-connector:amd64.

Preparing to unpack .../libpam-ck-connector_0.4.6-5_amd64.deb ...

Unpacking libpam-ck-connector:amd64 (0.4.6-5) ...

Selecting previously unselected package python-glade2.

Preparing to unpack .../python-glade2_2.24.0-3ubuntu3_amd64.deb ...

Unpacking python-glade2 (2.24.0-3ubuntu3) ...

Selecting previously unselected package python-support.

Preparing to unpack .../python-support_1.0.15_all.deb ...

Unpacking python-support (1.0.15) ...

Selecting previously unselected package python-yaml.

Preparing to unpack .../python-yaml_3.11-1_amd64.deb ...

Unpacking python-yaml (3.11-1) ...

Selecting previously unselected package python-pycurl.

Preparing to unpack .../python-pycurl_7.19.5-3ubuntu1_amd64.deb ...

Unpacking python-pycurl (7.19.5-3ubuntu1) ...

Processing triggers for ureadahead (0.100.0-16) ...

ureadahead will be reprofiled on next reboot

Processing triggers for man-db (2.7.0.2-2) ...

Processing triggers for gconf2 (3.2.6-2ubuntu1) ...

Processing triggers for gnome-menus (3.10.1-0ubuntu2) ...

Processing triggers for desktop-file-utils (0.22-1ubuntu2) ...

Processing triggers for bamfdaemon (0.5.1+14.10.20140925-0ubuntu1) ...

Rebuilding /usr/share/applications/bamf-2.index...

Processing triggers for mime-support (3.55ubuntu1) ...

Setting up libck-connector0:amd64 (0.4.6-5) ...

Setting up libcurl3:amd64 (7.37.1-1ubuntu3.1) ...

Setting up libglade2-0:amd64 (1:2.6.4-2) ...

Setting up libyaml-0-2:amd64 (0.1.6-1) ...

Setting up dbus (1.8.8-1ubuntu2.1) ...

Installing new version of config file /etc/init.d/dbus ...

Setting up curl (7.37.1-1ubuntu3.1) ...

Setting up libgksu2-0 (2.0.13~pre1-6ubuntu7) ...

update-alternatives: using /usr/share/libgksu/debian/gconf-defaults.libgksu-sudo to provide /usr/share/gconf/defaults/10_libgksu (libgksu-gconf-defaults) in auto mode

Setting up libpam-ck-connector:amd64 (0.4.6-5) ...

Setting up python-glade2 (2.24.0-3ubuntu3) ...

Setting up python-support (1.0.15) ...

Setting up python-yaml (3.11-1) ...

Setting up python-pycurl (7.19.5-3ubuntu1) ...

Processing triggers for ureadahead (0.100.0-16) ...

Setting up consolekit (0.4.6-5) ...

Setting up dbus-x11 (1.8.8-1ubuntu2.1) ...

Processing triggers for gconf2 (3.2.6-2ubuntu1) ...

Setting up gksu (2.0.2-6ubuntu2) ...

Processing triggers for libc-bin (2.19-10ubuntu2) ...

Processing triggers for dbus (1.8.8-1ubuntu2.1) ...

gstanden@W520:~/Downloads$

Download Oracle KSplice Uptrack

Now download the KSplice Uptrack *.deb package from the Ksplice website. Download it but do not install it (do not use Ubuntu Software Installer option). The installation will be done manually using the "dpkg -i" command as shown below.

gstanden@W520:~/Downloads$ ls -lrt

-rw-rw-r-- 1 gstanden gstanden 250832 Dec 25 22:54 ksplice-uptrack.deb

Install Oracle KSplice Uptrack

Now install KSplice using "dpkg -i" command as shown below.

gstanden@W520:~/Downloads$ sudo dpkg -i ksplice-uptrack.deb

Selecting previously unselected package ksplice-uptrack.

(Reading database ... 170869 files and directories currently installed.)

Preparing to unpack ksplice-uptrack.deb ...

Unpacking ksplice-uptrack (1.2.23-1~ubuntu14.10) ...

Setting up ksplice-uptrack (1.2.23-1~ubuntu14.10) ...

update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults

Adding 'diversion of /sbin/modprobe to /sbin/modprobe.ksplice-orig by ksplice-uptrack'

Adding 'diversion of /sbin/depmod to /sbin/depmod.ksplice-orig by ksplice-uptrack'

Adding 'diversion of /usr/share/update-notifier/notify-reboot-required to /usr/share/update-notifier/notify-reboot-required.ksplice-orig by ksplice-uptrack'

Adding 'diversion of /etc/kerneloops.conf to /etc/kerneloops.conf.ksplice-orig by ksplice-uptrack'

update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults

* Restarting Kernel Oops catching service kerneloops [ OK ]

OK

Processing triggers for ureadahead (0.100.0-16) ...

Processing triggers for hicolor-icon-theme (0.13-1) ...

Processing triggers for gnome-menus (3.10.1-0ubuntu2) ...

Processing triggers for desktop-file-utils (0.22-1ubuntu2) ...

Processing triggers for bamfdaemon (0.5.1+14.10.20140925-0ubuntu1) ...

Rebuilding /usr/share/applications/bamf-2.index...

Processing triggers for mime-support (3.55ubuntu1) ...

Processing triggers for man-db (2.7.0.2-2) ...

Processing triggers for python-support (1.0.15) ...

gstanden@W520:~/Downloads$

Test KSplice GUI

Test Ksplice using the GUI tool and see if it finds any updates that are needed. As shown below, KSplice locates CVE kernel security updates that are available and queues them up for installation.

As usual, Ubuntu requires authentication to run a privileged app. Enter your linux account password and press "authenticate".

Oracle KSplice Uptrack installs all updates and indicates which updates are currently installing on the progress bar as shown below.

Oracle KSplice Uptrack reports on the GUI that kernel is now fully updated and all CVE have been applied as shown below. Review the updates and press "close".

Update Fresh Installation (optional)

If this is a fresh install, then update Ubuntu software to get all most recent updates using the Software Updater app or "sudo apt-get update". If this is not a fresh install, optionally check for updates using the same steps.

Install LXC, OpenvSwitch, and UML-Utilities Packages

Now install other required packages as shown below.

gstanden@W520:~$ sudo apt-get install lxc uml-utilities openvswitch-switch

[sudo] password for gstanden:

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following extra packages will be installed:

bridge-utils cloud-image-utils debootstrap distro-info distro-info-data euca2ools libaio1 libboost-thread1.55.0 liblxc1 librados2 librbd1 libseccomp2 lxc-templates

openvswitch-common python-distro-info python-requestbuilder python-requests python-setuptools python-urllib3 python3-lxc qemu-utils sharutils uidmap

Suggested packages:

shunit2 btrfs-tools lxctl qemu-user-static openvswitch-datapath-module bsd-mailx mailx user-mode-linux

The following NEW packages will be installed:

bridge-utils cloud-image-utils debootstrap distro-info distro-info-data euca2ools libaio1 libboost-thread1.55.0 liblxc1 librados2 librbd1 libseccomp2 lxc

lxc-templates openvswitch-common openvswitch-switch python-distro-info python-requestbuilder python-requests python-setuptools python-urllib3 python3-lxc qemu-utils

sharutils uidmap uml-utilities

0 upgraded, 26 newly installed, 0 to remove and 0 not upgraded.

Need to get 5,711 kB of archives.

After this operation, 25.7 MB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/main libaio1 amd64 0.3.110-1 [6,454 B]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic/main libboost-thread1.55.0 amd64 1.55.0+dfsg-1ubuntu3 [27.4 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main libseccomp2 amd64 2.1.1-1 [26.3 kB]

Get:4 http://us.archive.ubuntu.com/ubuntu/ utopic/main liblxc1 amd64 1.1.0~alpha2-0ubuntu3 [173 kB]

Get:5 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main librados2 amd64 0.80.7-0ubuntu0.14.10.1 [1,582 kB]

Get:6 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main librbd1 amd64 0.80.7-0ubuntu0.14.10.1 [355 kB]

Get:7 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-urllib3 all 1.8.3-1 [43.9 kB]

Get:8 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-requests all 2.3.0-1 [191 kB]

Get:9 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-requestbuilder all 0.1.0-1 [25.5 kB]

Get:10 http://us.archive.ubuntu.com/ubuntu/ utopic/main bridge-utils amd64 1.5-7ubuntu1 [29.1 kB]

Get:11 http://us.archive.ubuntu.com/ubuntu/ utopic/main distro-info-data all 0.23 [4,032 B]

Get:12 http://us.archive.ubuntu.com/ubuntu/ utopic/main distro-info amd64 0.14 [20.1 kB]

Get:13 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-setuptools all 5.5.1-1 [218 kB]

Get:14 http://us.archive.ubuntu.com/ubuntu/ utopic/main euca2ools all 3.0.2-1ubuntu1 [251 kB]

Get:15 http://us.archive.ubuntu.com/ubuntu/ utopic/main python3-lxc amd64 1.1.0~alpha2-0ubuntu3 [20.3 kB]

Get:16 http://us.archive.ubuntu.com/ubuntu/ utopic/main lxc amd64 1.1.0~alpha2-0ubuntu3 [509 kB]

Get:17 http://us.archive.ubuntu.com/ubuntu/ utopic/main lxc-templates amd64 1.1.0~alpha2-0ubuntu3 [63.1 kB]

Get:18 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-distro-info all 0.14 [8,200 B]

Get:19 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main qemu-utils amd64 2.1+dfsg-4ubuntu6.3 [426 kB]

Get:20 http://us.archive.ubuntu.com/ubuntu/ utopic/main sharutils amd64 1:4.14-2 [146 kB]

Get:21 http://us.archive.ubuntu.com/ubuntu/ utopic/main uidmap amd64 1:4.1.5.1-1.1ubuntu2 [63.0 kB]

Get:22 http://us.archive.ubuntu.com/ubuntu/ utopic/main cloud-image-utils all 0.27-0ubuntu10 [25.8 kB]

Get:23 http://us.archive.ubuntu.com/ubuntu/ utopic/main debootstrap all 1.0.64 [30.0 kB]

Get:24 http://us.archive.ubuntu.com/ubuntu/ utopic/main openvswitch-common amd64 2.1.3-0ubuntu1 [488 kB]

Get:25 http://us.archive.ubuntu.com/ubuntu/ utopic/main openvswitch-switch amd64 2.1.3-0ubuntu1 [919 kB]

Get:26 http://us.archive.ubuntu.com/ubuntu/ utopic/universe uml-utilities amd64 20070815-1.3ubuntu1 [61.9 kB]

Fetched 5,711 kB in 35s (161 kB/s)

Selecting previously unselected package libaio1:amd64.

(Reading database ... 200362 files and directories currently installed.)

Preparing to unpack .../libaio1_0.3.110-1_amd64.deb ...

Unpacking libaio1:amd64 (0.3.110-1) ...

Selecting previously unselected package libboost-thread1.55.0:amd64.

Preparing to unpack .../libboost-thread1.55.0_1.55.0+dfsg-1ubuntu3_amd64.deb ...

Unpacking libboost-thread1.55.0:amd64 (1.55.0+dfsg-1ubuntu3) ...

Selecting previously unselected package libseccomp2:amd64.

Preparing to unpack .../libseccomp2_2.1.1-1_amd64.deb ...

Unpacking libseccomp2:amd64 (2.1.1-1) ...

Selecting previously unselected package liblxc1.

Preparing to unpack .../liblxc1_1.1.0~alpha2-0ubuntu3_amd64.deb ...

Unpacking liblxc1 (1.1.0~alpha2-0ubuntu3) ...

Selecting previously unselected package librados2.

Preparing to unpack .../librados2_0.80.7-0ubuntu0.14.10.1_amd64.deb ...

Unpacking librados2 (0.80.7-0ubuntu0.14.10.1) ...

Selecting previously unselected package librbd1.

Preparing to unpack .../librbd1_0.80.7-0ubuntu0.14.10.1_amd64.deb ...

Unpacking librbd1 (0.80.7-0ubuntu0.14.10.1) ...

Selecting previously unselected package python-urllib3.

Preparing to unpack .../python-urllib3_1.8.3-1_all.deb ...

Unpacking python-urllib3 (1.8.3-1) ...

Selecting previously unselected package python-requests.

Preparing to unpack .../python-requests_2.3.0-1_all.deb ...

Unpacking python-requests (2.3.0-1) ...

Selecting previously unselected package python-requestbuilder.

Preparing to unpack .../python-requestbuilder_0.1.0-1_all.deb ...

Unpacking python-requestbuilder (0.1.0-1) ...

Selecting previously unselected package bridge-utils.

Preparing to unpack .../bridge-utils_1.5-7ubuntu1_amd64.deb ...

Unpacking bridge-utils (1.5-7ubuntu1) ...

Selecting previously unselected package distro-info-data.

Preparing to unpack .../distro-info-data_0.23_all.deb ...

Unpacking distro-info-data (0.23) ...

Selecting previously unselected package distro-info.

Preparing to unpack .../distro-info_0.14_amd64.deb ...

Unpacking distro-info (0.14) ...

Selecting previously unselected package python-setuptools.

Preparing to unpack .../python-setuptools_5.5.1-1_all.deb ...

Unpacking python-setuptools (5.5.1-1) ...

Selecting previously unselected package euca2ools.

Preparing to unpack .../euca2ools_3.0.2-1ubuntu1_all.deb ...

Unpacking euca2ools (3.0.2-1ubuntu1) ...

Selecting previously unselected package python3-lxc.

Preparing to unpack .../python3-lxc_1.1.0~alpha2-0ubuntu3_amd64.deb ...

Unpacking python3-lxc (1.1.0~alpha2-0ubuntu3) ...

Selecting previously unselected package lxc.

Preparing to unpack .../lxc_1.1.0~alpha2-0ubuntu3_amd64.deb ...

Unpacking lxc (1.1.0~alpha2-0ubuntu3) ...

Selecting previously unselected package lxc-templates.

Preparing to unpack .../lxc-templates_1.1.0~alpha2-0ubuntu3_amd64.deb ...

Unpacking lxc-templates (1.1.0~alpha2-0ubuntu3) ...

Selecting previously unselected package python-distro-info.

Preparing to unpack .../python-distro-info_0.14_all.deb ...

Unpacking python-distro-info (0.14) ...

Selecting previously unselected package qemu-utils.

Preparing to unpack .../qemu-utils_2.1+dfsg-4ubuntu6.3_amd64.deb ...

Unpacking qemu-utils (2.1+dfsg-4ubuntu6.3) ...

Selecting previously unselected package sharutils.

Preparing to unpack .../sharutils_1%3a4.14-2_amd64.deb ...

Unpacking sharutils (1:4.14-2) ...

Selecting previously unselected package uidmap.

Preparing to unpack .../uidmap_1%3a4.1.5.1-1.1ubuntu2_amd64.deb ...

Unpacking uidmap (1:4.1.5.1-1.1ubuntu2) ...

Selecting previously unselected package cloud-image-utils.

Preparing to unpack .../cloud-image-utils_0.27-0ubuntu10_all.deb ...

Unpacking cloud-image-utils (0.27-0ubuntu10) ...

Selecting previously unselected package debootstrap.

Preparing to unpack .../debootstrap_1.0.64_all.deb ...

Unpacking debootstrap (1.0.64) ...

Selecting previously unselected package openvswitch-common.

Preparing to unpack .../openvswitch-common_2.1.3-0ubuntu1_amd64.deb ...

Unpacking openvswitch-common (2.1.3-0ubuntu1) ...

Selecting previously unselected package openvswitch-switch.

Preparing to unpack .../openvswitch-switch_2.1.3-0ubuntu1_amd64.deb ...

Unpacking openvswitch-switch (2.1.3-0ubuntu1) ...

Selecting previously unselected package uml-utilities.

Preparing to unpack .../uml-utilities_20070815-1.3ubuntu1_amd64.deb ...

Unpacking uml-utilities (20070815-1.3ubuntu1) ...

Processing triggers for man-db (2.7.0.2-2) ...

Processing triggers for ureadahead (0.100.0-16) ...

ureadahead will be reprofiled on next reboot

Processing triggers for install-info (5.2.0.dfsg.1-4) ...

Setting up libaio1:amd64 (0.3.110-1) ...

Setting up libboost-thread1.55.0:amd64 (1.55.0+dfsg-1ubuntu3) ...

Setting up libseccomp2:amd64 (2.1.1-1) ...

Setting up liblxc1 (1.1.0~alpha2-0ubuntu3) ...

Setting up librados2 (0.80.7-0ubuntu0.14.10.1) ...

Setting up librbd1 (0.80.7-0ubuntu0.14.10.1) ...

Setting up python-urllib3 (1.8.3-1) ...

Setting up python-requests (2.3.0-1) ...

Setting up python-requestbuilder (0.1.0-1) ...

Setting up bridge-utils (1.5-7ubuntu1) ...

Setting up distro-info-data (0.23) ...

Setting up distro-info (0.14) ...

Setting up python-setuptools (5.5.1-1) ...

Setting up euca2ools (3.0.2-1ubuntu1) ...

Setting up python3-lxc (1.1.0~alpha2-0ubuntu3) ...

Setting up lxc (1.1.0~alpha2-0ubuntu3) ...

lxc start/running

Setting up lxc dnsmasq configuration.

Setting up python-distro-info (0.14) ...

Setting up qemu-utils (2.1+dfsg-4ubuntu6.3) ...

Setting up sharutils (1:4.14-2) ...

Setting up uidmap (1:4.1.5.1-1.1ubuntu2) ...

Setting up cloud-image-utils (0.27-0ubuntu10) ...

Setting up debootstrap (1.0.64) ...

Setting up openvswitch-common (2.1.3-0ubuntu1) ...

Setting up openvswitch-switch (2.1.3-0ubuntu1) ...

openvswitch-switch start/running

Setting up uml-utilities (20070815-1.3ubuntu1) ...

* Starting User-mode networking switch uml_switch [ OK ]

Processing triggers for ureadahead (0.100.0-16) ...

Setting up lxc-templates (1.1.0~alpha2-0ubuntu3) ...

Processing triggers for libc-bin (2.19-10ubuntu2.1) ...

gstanden@W520:~$

Install DNS and DHCP packages

Next install bind9 and isc-dhcp-utils as shown below.

gstanden@W520:~$ sudo apt-get install bind9 bind9utils isc-dhcp-server

Reading package lists... Done

Building dependency tree

Reading state information... Done

Suggested packages:

bind9-doc isc-dhcp-server-ldap

The following NEW packages will be installed:

bind9 bind9utils isc-dhcp-server

0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.

Need to get 1,222 kB of archives.

After this operation, 3,826 kB of additional disk space will be used.

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main bind9utils amd64 1:9.9.5.dfsg-4.3ubuntu0.1 [146 kB]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic-updates/main bind9 amd64 1:9.9.5.dfsg-4.3ubuntu0.1 [294 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main isc-dhcp-server amd64 4.2.4-7ubuntu14 [782 kB]

Fetched 1,222 kB in 2s (443 kB/s)

Preconfiguring packages ...

Selecting previously unselected package bind9utils.

(Reading database ... 201707 files and directories currently installed.)

Preparing to unpack .../bind9utils_1%3a9.9.5.dfsg-4.3ubuntu0.1_amd64.deb ...

Unpacking bind9utils (1:9.9.5.dfsg-4.3ubuntu0.1) ...

Selecting previously unselected package bind9.

Preparing to unpack .../bind9_1%3a9.9.5.dfsg-4.3ubuntu0.1_amd64.deb ...

Unpacking bind9 (1:9.9.5.dfsg-4.3ubuntu0.1) ...

Selecting previously unselected package isc-dhcp-server.

Preparing to unpack .../isc-dhcp-server_4.2.4-7ubuntu14_amd64.deb ...

Unpacking isc-dhcp-server (4.2.4-7ubuntu14) ...

Processing triggers for man-db (2.7.0.2-2) ...

Processing triggers for ufw (0.34~rc-0ubuntu4) ...

Processing triggers for ureadahead (0.100.0-16) ...

ureadahead will be reprofiled on next reboot

Setting up bind9utils (1:9.9.5.dfsg-4.3ubuntu0.1) ...

Setting up bind9 (1:9.9.5.dfsg-4.3ubuntu0.1) ...

Adding group `bind' (GID 128) ...

Done.

Adding system user `bind' (UID 118) ...

Adding new user `bind' (UID 118) with group `bind' ...

Not creating home directory `/var/cache/bind'.

wrote key file "/etc/bind/rndc.key"

#

* Starting domain name service... bind9 [ OK ]

Setting up isc-dhcp-server (4.2.4-7ubuntu14) ...

Generating /etc/default/isc-dhcp-server...

isc-dhcp-server start/running, process 4943

isc-dhcp-server6 stop/pre-start, process 4994

Processing triggers for ufw (0.34~rc-0ubuntu4) ...

Processing triggers for ureadahead (0.100.0-16) ...

gstanden@W520:~$

Install OpenvSwitch Configuration Scripts

These scripts create and configure the OpenvSwitch switches. The "crt_ovs_sw*.sh" scripts and the /etc/init/my-network-up script and reboot to verify openvswitch is creating switches and ports correctly. The scripts are attached to this blog and can be downloaded directly. They will be downloaded by default to "/home/username/Downloads" directory.

Once the scripts are downloaded, create a directory "/home/username/OpenvSwitch" and install the "crt_ovs_sw*.sh" scripts to that directory and set correct permissions as shown below.

Also download the "my-network-up.sh" script from the end of this blog. This script is used to ensure that the OpenvSwitch "crt_ovs_sw*.sh" scripts run only after networking has started. The idea of using the "my-network-up.sh" script for starting up the OpenvSwitches at boot after the network interfaces are up is thanks to Cheesehead here.

Update Ubuntu 15.04 2015-05-16

The my-network-up.sh script doesn't seem to be working anymore in Ubuntu 15.04. In any case, I had to add entries to /etc/rc.local script to get OpenvSwitch network to startup ok at boot on 15.04, so currently, the /etc/init/my-network-up.sh script is still in place, but not working, and now also the following entries are added in /etc/rc.local as well as shown below and it is the /etc/rc.local entries that are starting the OpenvSwitch at boot.

gstanden@vmem1:~/OpenvSwitch$ cat /etc/rc.local

#!/bin/sh -e

#

# rc.local

#

# This script is executed at the end of each multiuser runlevel.

# Make sure that the script will "exit 0" on success or any other

# value on error.

#

# In order to enable or disable this script just change the execution

# bits.

#

# By default this script does nothing.

/home/gstanden/OpenvSwitch/crt_ovs_sx1.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sx1.log

/home/gstanden/OpenvSwitch/crt_ovs_sw1.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw1.log

/home/gstanden/OpenvSwitch/crt_ovs_sw2.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw2.log

/home/gstanden/OpenvSwitch/crt_ovs_sw3.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw3.log

/home/gstanden/OpenvSwitch/crt_ovs_sw4.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw4.log

/home/gstanden/OpenvSwitch/crt_ovs_sw5.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw5.log

/home/gstanden/OpenvSwitch/crt_ovs_sw6.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw6.log

/home/gstanden/OpenvSwitch/crt_ovs_sw7.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw7.log

/home/gstanden/OpenvSwitch/crt_ovs_sw8.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw8.log

/home/gstanden/OpenvSwitch/crt_ovs_sw9.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw9.log

exit 0

gstanden@vmem1:~/OpenvSwitch$

Note also that crt_ovs_sx1.sh has been added. This is the addition of a new network subnet 10.207.29.1 and comes with a new set of bind9 and dhcp configurations. Basically, this update to the guide here shows how you add additional networks to the DNS-DHCP bind9/isc-dhcp-server setup on the laptop such that the additional networks will also hand out DHCP addresses over the OpenvSwitch network and also automatically add the newly assigned IP addresses to DNS bind9 (named).

Update End Ubuntu 15.04 2015-05-16

Once the "crt_ovs_sw*.sh" scripts are downloaded, create a directory for them as shown below, and move the scripts to the "/home/username/OpenvSwitch" directory as shown below. Ensure that the "crt_ovs_sw*.sh" scripts have the correct ownership, permissions, and are installed in the directory as shown below. The log files do not need to be created. They are written automatically during each bootup of the laptop or desktop when the OpenvSwitch switches are created during bootup.

At this time, also download and install the "my-network-up.sh" script and also ensure that /etc/rc.local is configured as shown above. Install the my-network-up.sh script as shown into the "/etc/init" directory. Create a soft link in the "/home/username/OpenvSwitch" directory as a reminder of where this important script is installed for future maintenance or reference. The idea is that all scripts directly relevant to the OpenvSwitch configuration are linked in the "/home/username/OpenvSwitch" directory for quick reference and accessability.

gstanden@W520:~$ pwd

/home/gstanden

gstanden@W520:~$ ls -lrt

total 52

-rw-r--r-- 1 gstanden gstanden 8980 Dec 25 22:29 examples.desktop

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Videos

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Templates

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Public

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Music

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Documents

drwxr-xr-x 2 gstanden gstanden 4096 Dec 25 22:48 Desktop

drwxr-xr-x 4 gstanden gstanden 4096 Dec 25 23:03 Pictures

drwxr-xr-x 2 gstanden gstanden 4096 Dec 26 12:09 Downloads

drwxr-xr-x 2 gstanden gstanden 4096 Dec 26 12:19 OpenvSwitch

drwxrwxr-x 2 gstanden gstanden 4096 Dec 26 14:31 Networking

gstanden@W520:~$ cd OpenvSwitch/

gstanden@W520:~/OpenvSwitch$ ls -lrt

total 52

-rwxr-xr-x 1 gstanden gstanden 704 Oct 27 2014 crt_ovs_sw4.sh

-rwxr-xr-x 1 gstanden gstanden 704 Oct 28 2014 crt_ovs_sw5.sh

-rwxr-xr-x 1 gstanden gstanden 704 Oct 28 2014 crt_ovs_sw6.sh

-rwxr-xr-x 1 gstanden gstanden 704 Oct 28 2014 crt_ovs_sw7.sh

-rwxr-xr-x 1 gstanden gstanden 704 Oct 28 2014 crt_ovs_sw8.sh

-rwxr-xr-x 1 gstanden gstanden 704 Oct 31 2014 crt_ovs_sw9.sh

-rwxr-xr-x 1 gstanden gstanden 1016 Oct 31 2014 crt_ovs_sw2.sh

-rwxr-xr-x 1 gstanden gstanden 1019 Oct 31 2014 crt_ovs_sw3.sh

-rwxr-xr-x 1 gstanden gstanden 1921 May 2 20:13 crt_ovs_sw1.sh

-rwxr-xr-x 1 gstanden gstanden 1935 May 2 20:24 crt_ovs_sx1.sh

lrwxrwxrwx 1 gstanden gstanden 26 May 16 16:30 my-network-up.sh -> /etc/init/my-network-up.sh

lrwxrwxrwx 1 gstanden gstanden 13 May 16 16:31 rc.local -> /etc/rc.local

-rw-r--r-- 1 gstanden gstanden 413 Dec 26 14:12 crt_ovs_sw1.log

-rw-r--r-- 1 gstanden gstanden 195 Dec 26 14:12 crt_ovs_sw2.log

-rw-r--r-- 1 gstanden gstanden 195 Dec 26 14:12 crt_ovs_sw3.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw4.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw5.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw6.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw7.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw8.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sw9.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 26 14:12 crt_ovs_sx1.log

gstanden@W520:~/OpenvSwitch$

Ensure as shown below that the "/etc/init/my-network-up.sh" script is installed in the correct directory, and has the ownership, group, and permissions and review the content of the file as shown below.

gstanden@W520:~/OpenvSwitch$ ls -l /etc/init/my-network-up.conf

-rw-r--r-- 1 gstanden gstanden 1288 Dec 26 01:25 /etc/init/my-network-up.conf

gstanden@W520:~/OpenvSwitch$ cat /etc/init/my-network-up.conf

# 'my-network-up.conf' - My custom upstart events

#

# These are the scripts that run when a network appears.

description "My custom upstart events"

start on net-device-up # Start a daemon or run a script

stop on net-device-down # (Optional) Stop a daemon, scripts already self-terminate.

script

# You can really put shell script in here, including if/then and tests.

/home/gstanden/OpenvSwitch/crt_ovs_sw1.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw1.log

/home/gstanden/OpenvSwitch/crt_ovs_sw2.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw2.log

/home/gstanden/OpenvSwitch/crt_ovs_sw3.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw3.log

/home/gstanden/OpenvSwitch/crt_ovs_sw4.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw4.log

/home/gstanden/OpenvSwitch/crt_ovs_sw5.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw5.log

/home/gstanden/OpenvSwitch/crt_ovs_sw6.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw6.log

/home/gstanden/OpenvSwitch/crt_ovs_sw7.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw7.log

/home/gstanden/OpenvSwitch/crt_ovs_sw8.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw8.log

/home/gstanden/OpenvSwitch/crt_ovs_sw9.sh 2>&1 > /home/gstanden/OpenvSwitch/crt_ovs_sw9.log

/bin/chown gstanden:gstanden /home/gstanden/OpenvSwitch/crt_ovs_sw*.log

end script

gstanden@W520:~/OpenvSwitch$ ls -lrt /etc/init/my-network-up.conf

-rw-r--r-- 1 gstanden gstanden 1288 Dec 26 10:06 /etc/init/my-network-up.conf

gstanden@W520:~$

The OpenvSwitch switch scripts are also listed below for reference.

gstanden@vmem1:~/OpenvSwitch$ more crt_ovs_s*.sh

::::::::::::::

crt_ovs_sw1.sh

::::::::::::::

#!/bin/bash

# Requires use of Upstart Script /etc/init/my-network-up.conf to ensure interfaces are up before running.

tunctl -t s1

tunctl -t s2

tunctl -t s3

tunctl -t s4

tunctl -t s5

#tunctl -t s6

ip link set s1 up

ip link set s2 up

ip link set s3 up

ip link set s4 up

ip link set s5 up

#ip link set s6 up

ovs-vsctl add-br sw1

ovs-vsctl add-port sw1 s1

ovs-vsctl add-port sw1 s2

ovs-vsctl add-port sw1 s3

ovs-vsctl add-port sw1 s4

ovs-vsctl add-port sw1 s5

#ovs-vsctl add-port sw1 s6

ip link set up dev sw1

ip addr add 10.207.39.1/24 dev sw1

ip route replace 10.207.39.0/24 dev sw1

ovs-vsctl set port sw1 trunks=10

ovs-vsctl set port sw1 tag=10

# GLS 20140825 Get active external interface dynamically at boot. Tested & works with {wlan0, eth0, bnep0} on Ubuntu 14.04.1 Desktop x86_64.

# GLS 20140825 Interface "bnep0" is Blackberry Z30 OS10 Bluetooth Tether.

### BEGIN Get Active EXTIF Dynamcially. ###

function GetInterface

{

ifconfig | egrep -B1 'inet addr' | egrep -A1 'wlan|eth|bnep' | sed '$!N;s/\n/ /' | sed 's/ */ /g' | cut -f1,7 -d' ' | sed 's/ addr//' | head -1 | cut -f1 -d':'

}

function GetIP

{

ifconfig | egrep -B1 'inet addr' | egrep -A1 'wlan|eth|bnep' | sed '$!N;s/\n/ /' | sed 's/ */ /g' | cut -f1,7 -d' ' | sed 's/ addr//' | head -1 | cut -f2 -d':'

}

### END Get Active EXTIF Dynamically. ###

echo ' IP: '$(GetIP)

echo 'Interface: '$(GetInterface)

INTIF="sw1"

EXTIF=$(GetInterface)

# EXTIF="wlan0"

echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

iptables -P INPUT ACCEPT

iptables -F INPUT

iptables -P OUTPUT ACCEPT

iptables -F OUTPUT

iptables -P FORWARD DROP

iptables -F FORWARD

iptables -t nat -F

# set forwarding and nat rules

iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

service isc-dhcp-server start

service bind9 restart

::::::::::::::

crt_ovs_sw2.sh

::::::::::::::

#!/bin/bash

tunctl -t t1

tunctl -t t2

tunctl -t t3

tunctl -t t4

tunctl -t t5

ip link set t1 up

ip link set t2 up

ip link set t3 up

ip link set t4 up

ip link set t5 up

ovs-vsctl add-br sw2

ovs-vsctl add-port sw2 t1

ovs-vsctl add-port sw2 t2

ovs-vsctl add-port sw2 t3

ovs-vsctl add-port sw2 t4

ovs-vsctl add-port sw2 t5

ip link set up dev sw2

ip addr add 10.207.40.1/24 dev sw2

ip route replace 10.207.40.0/24 dev sw2

ifconfig sw2 10.207.40.1 netmask 255.255.255.0

ovs-vsctl set port sw2 tag=80

# INTIF="sw2"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw3.sh

::::::::::::::

#!/bin/bash

tunctl -t w1

tunctl -t w2

tunctl -t w3

tunctl -t w4

tunctl -t w5

ip link set w1 up

ip link set w2 up

ip link set w3 up

ip link set w4 up

ip link set w5 up

ovs-vsctl add-br sw3

ovs-vsctl add-port sw3 w1

ovs-vsctl add-port sw3 w2

ovs-vsctl add-port sw3 w3

ovs-vsctl add-port sw3 w4

ovs-vsctl add-port sw3 w5

ip link set up dev sw3

ip addr add 10.207.41.1/24 dev sw3

ip route replace 10.207.41.0/24 dev sw3

ifconfig sw3 10.207.41.1 netmask 255.255.255.0

ovs-vsctl set port sw3 tag=90

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw4.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw4

ip link set up dev sw4

ip addr add 192.210.39.1/24 dev sw4

ip route replace 192.210.39.0/24 dev sw4

ifconfig sw4 192.210.39.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw5.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw5

ip link set up dev sw5

ip addr add 192.211.39.1/24 dev sw5

ip route replace 192.211.39.0/24 dev sw5

ifconfig sw5 192.211.39.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw6.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw6

ip link set up dev sw6

ip addr add 192.212.39.1/24 dev sw6

ip route replace 192.212.39.0/24 dev sw6

ifconfig sw6 192.212.39.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw7.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw7

ip link set up dev sw7

ip addr add 192.213.39.1/24 dev sw7

ip route replace 192.213.39.0/24 dev sw7

ifconfig sw7 192.213.39.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw8.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw8

ip link set up dev sw8

ip addr add 172.220.40.1/24 dev sw8

ip route replace 172.220.40.0/24 dev sw8

ifconfig sw8 172.220.40.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sw9.sh

::::::::::::::

#!/bin/bash

ovs-vsctl add-br sw9

ip link set up dev sw9

ip addr add 172.221.40.1/24 dev sw9

ip route replace 172.221.40.0/24 dev sw9

ifconfig sw9 172.221.40.1 netmask 255.255.255.0

# INTIF="sw3"

# EXTIF="wlan0"

# echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

# iptables -P INPUT ACCEPT

# iptables -F INPUT

# iptables -P OUTPUT ACCEPT

# iptables -F OUTPUT

# iptables -P FORWARD DROP

# iptables -F FORWARD

# iptables -t nat -F

# set forwarding and nat rules

# iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

# iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

# iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server start

::::::::::::::

crt_ovs_sx1.sh

::::::::::::::

#!/bin/bash

# Requires use of Upstart Script /etc/init/my-network-up.conf to ensure interfaces are up before running.

sleep 10

tunctl -t a1

tunctl -t a2

tunctl -t a3

tunctl -t a4

tunctl -t a5

#tunctl -t a6

ip link set a1 up

ip link set a2 up

ip link set a3 up

ip link set a4 up

ip link set a5 up

#ip link set a6 up

ovs-vsctl add-br sx1

ovs-vsctl add-port sx1 a1

ovs-vsctl add-port sx1 a2

ovs-vsctl add-port sx1 a3

ovs-vsctl add-port sx1 a4

ovs-vsctl add-port sx1 a5

#ovs-vsctl add-port sx1 a6

ip link set up dev sx1

ip addr add 10.207.29.1/24 dev sx1

ip route replace 10.207.29.0/24 dev sx1

ovs-vsctl set port sx1 trunks=10

ovs-vsctl set port sx1 tag=10

# GLS 20140825 Get active external interface dynamically at boot. Tested & works with {wlan0, eth0, bnep0} on Ubuntu 14.04.1 Desktop x86_64.

# GLS 20140825 Interface "bnep0" is Blackberry Z30 OS10 Bluetooth Tether.

### BEGIN Get Active EXTIF Dynamcially. ###

function GetInterface

{

ifconfig | egrep -B1 'inet addr' | egrep -A1 'wlan|eth|bnep' | sed '$!N;s/\n/ /' | sed 's/ */ /g' | cut -f1,7 -d' ' | sed 's/ addr//' | head -1 | cut -f1 -d':'

}

function GetIP

{

ifconfig | egrep -B1 'inet addr' | egrep -A1 'wlan|eth|bnep' | sed '$!N;s/\n/ /' | sed 's/ */ /g' | cut -f1,7 -d' ' | sed 's/ addr//' | head -1 | cut -f2 -d':'

}

### END Get Active EXTIF Dynamically. ###

echo ' IP: '$(GetIP)

echo 'Interface: '$(GetInterface)

INTIF="sx1"

EXTIF=$(GetInterface)

# EXTIF="wlan0"

echo 1 > /proc/sys/net/ipv4/ip_forward

# clear existing iptable rules, set a default policy

iptables -P INPUT ACCEPT

iptables -F INPUT

iptables -P OUTPUT ACCEPT

iptables -F OUTPUT

iptables -P FORWARD DROP

iptables -F FORWARD

iptables -t nat -F

# set forwarding and nat rules

iptables -A FORWARD -i $EXTIF -o $INTIF -j ACCEPT

iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE

# service isc-dhcp-server restart

# service bind9 restart

gstanden@vmem1:~/OpenvSwitch$

Setup DNS and DHCP for System

The DNS and DHCP are setup in this blog so that DHCP can provide addresses to LXC containers and VMs on the OpenvSwitch, and also add those DHCP assignments to DNS automatically.

Backup DNS Default Configuration Files and Install Downloaded Versions

First backup the default configuration files as shown below.

Then download from the end of this blog this files "named.conf.options" and "named.conf.local" and move to "/etc/bind" directory as shown below.

gstanden@W520:~$ cd /etc/bind

gstanden@W520:/etc/bind$ ls -lrt

total 52

-rw-r--r-- 1 root root 1317 Dec 9 13:06 zones.rfc1918

-rw-r--r-- 1 root bind 165 Dec 9 13:06 named.conf.local

-rw-r--r-- 1 root bind 490 Dec 9 13:06 named.conf.default-zones

-rw-r--r-- 1 root bind 463 Dec 9 13:06 named.conf

-rw-r--r-- 1 root root 3048 Dec 9 13:06 db.root

-rw-r--r-- 1 root root 270 Dec 9 13:06 db.local

-rw-r--r-- 1 root root 353 Dec 9 13:06 db.empty

-rw-r--r-- 1 root root 237 Dec 9 13:06 db.255

-rw-r--r-- 1 root root 271 Dec 9 13:06 db.127

-rw-r--r-- 1 root root 237 Dec 9 13:06 db.0

-rw-r--r-- 1 root root 2389 Dec 9 13:06 bind.keys

-rw-r----- 1 bind bind 77 Dec 26 01:01 rndc.key

-rw-r--r-- 1 root bind 890 Dec 26 01:01 named.conf.options

gstanden@W520:/etc/bind$ sudo cp -p named.conf.local named.conf.local.original.install.bak

gstanden@W520:/etc/bind$ sudo cp -p named.conf.options named.conf.options.original.install.bak

gstanden@W520:/etc/bind$ sudo cp -p rndc.key rndc.key.original.install.bak

gstanden@W520:/etc/bind$ cd

gstanden@w520:~/Downloads$ sudo mv named.* /etc/bind/.

gstanden@w520:~/Downloads$

Backup DHCP Default Configuration Files

Now backup the isc-dhcp-server (DHCP) original install configuration files as shown below. Although dhclient.conf is backed up, there are no changes to dhclient.conf and it is used as is default format. Only the dhcpd.conf file needs to be updated with the downloaded version.

Update Begin Ubuntu 15.04 2015-05-16

There is a change to the /etc/dhcp/dhclient.conf file for the added mccc.org domain as shown below.

root@vmem1:/etc/dhcp# cat dhclient.conf

# Configuration file for /sbin/dhclient, which is included in Debian's

# dhcp3-client package.

#

# This is a sample configuration file for dhclient. See dhclient.conf's

# man page for more information about the syntax of this file

# and a more comprehensive list of the parameters understood by

# dhclient.

#

# Normally, if the DHCP server provides reasonable information and does

# not leave anything out (like the domain name, for example), then

# few changes must be made to this file, if any.

#

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

send host-name = gethostname();

prepend domain-name-servers 127.0.0.1;

# Oracle GNS and additional domains

append domain-name " mccc.org";

request subnet-mask, broadcast-address, time-offset, routers,

domain-name, domain-name-servers, domain-search, host-name,

dhcp6.name-servers, dhcp6.domain-search,

netbios-name-servers, netbios-scope, interface-mtu,

rfc3442-classless-static-routes, ntp-servers,

dhcp6.fqdn, dhcp6.sntp-servers;

root@vmem1:/etc/dhcp#

Note the section in bold which adds mccc.org to the dhclient.conf and this is responsible for adding it to /etc/resolv.conf at bootup.

gstanden@W520:/etc/dhcp$ sudo cp -p dhcpd.conf dhcpd.conf.original.install.bak

gstanden@W520:/etc/dhcp$ sudo cp -p dhclient.conf dhclient.conf.original.install.bak

gstanden@W520:/etc/dhcp$

Install Downloaded DHCP Files

Move the downloaded "dhcpd.conf" to "/etc/dhcp" directory as shown below.

gstanden@W520:~$ cd Downloads

gstanden@W520:~/Downloads$ ls -lrt

total 272

-rw-rw-r-- 1 gstanden gstanden 250832 Dec 25 22:54 ksplice-uptrack.deb

-rw-rw-r-- 1 gstanden gstanden 940 Dec 26 10:15 dhclient.conf

-rw-rw-r-- 1 gstanden gstanden 890 Dec 26 10:15 dhcpd.conf

-rw-rw-r-- 1 gstanden gstanden 1096 Dec 26 10:15 fwd.vmem.org

-rw-rw-r-- 1 gstanden gstanden 435 Dec 26 10:15 named.conf.local

-rw-rw-r-- 1 gstanden gstanden 299 Dec 26 10:15 named.conf.options

-rw-rw-r-- 1 gstanden gstanden 671 Dec 26 10:16 rev.vmem.org

gstanden@W520:~/Downloads$ sudo mv dhcpd.conf /etc/dhcp/.

gstanden@W520:~/Downloads$ sudo su -

root@W520:~# cd /etc/dhcp

root@W520:/etc/dhcp# ls -lrt

total 28

-rw-r--r-- 1 root root 3602 Apr 3 2014 dhcpd.conf.original.install.bak

-rw-r--r-- 1 root root 1830 Apr 3 2014 dhclient.conf.original.install.bak

drwxr-xr-x 2 root root 4096 Oct 22 14:11 dhclient-enter-hooks.d

drwxr-xr-x 2 root root 4096 Dec 25 23:14 dhclient-exit-hooks.d

drwxr-x--- 2 root dhcpd 4096 Dec 26 01:01 ddns-keys

-rw-rw-r-- 1 gstanden gstanden 940 Dec 26 10:15 dhclient.conf

-rw-rw-r-- 1 gstanden gstanden 890 Dec 26 10:15 dhcpd.conf

root@W520:/etc/dhcp# cat dhcpd.conf

#

# Configuration file for ISC dhcpd for Ubuntu 14.04

#

ddns-updates on;

ddns-update-style interim;

update-static-leases on;

authoritative;

key rndc-key { algorithm hmac-md5; secret "5rcWKMkWCP6RBUeu9tjIZg==";} <-- This value must be changed.

allow unknown-clients;

use-host-decl-names on;

default-lease-time 1814400;

max-lease-time 1814400;

log-facility local7;

zone vmem.org. {

primary 10.207.39.1;

key rndc-key;

}

zone 39.207.10.in-addr.arpa. {

primary 10.207.39.1;

key rndc-key;

}

subnet 10.207.39.0 netmask 255.255.255.0 {

# default gateway

option routers 10.207.39.1;

option subnet-mask 255.255.255.0;

option domain-name "vmem.org";

option domain-name-servers 10.207.39.1;

# option ntp-servers 10.207.39.1;

ddns-domainname "vmem.org.";

ddns-rev-domainname "in-addr.arpa.";

range 10.207.39.70 10.207.39.254;

default-lease-time 1814400;

max-lease-time 1814400;

}

root@W520:/etc/dhcp#

Update Begin Ubuntu 15.04 2015-05-16

I have updated the dhcpd.conf to support multiple DHCP-DNS networks, so see below for an example of having multiple networks support and multiple domains support by named as shown below for dhcpd.conf. In the example below, the 10.207.29.1 subnet has been added to my original 10.207.39.1 supported subnet, and the mccc.org domain has been added to the vmem.org domain support. The new sections added for the new subnet are in bold as shown below.

gstanden@vmem1:~/OpenvSwitch$ cat /etc/dhcp/dhcpd.conf

#

# Configuration file for ISC dhcpd for Ubuntu 14.04

# Configuration file for ISC dhcpd for Ubuntu 15.04 GLS Tested on 15.04 2015.05.02

# Added a second subnet configuration (10.207.29.1/24) for mediacomcorp.org domain

#

ddns-updates on;

ddns-update-style interim;

update-static-leases on;

authoritative;

key rndc-key { algorithm hmac-md5; secret "5rcWKMkWCP6RBUeu9tjIZg==";}

allow unknown-clients;

use-host-decl-names on;

default-lease-time 1814400;

max-lease-time 1814400;

log-facility local7;

zone vmem.org. {

primary 10.207.39.1;

key rndc-key;

}

zone mccc.org. {

primary 10.207.29.1;

key rndc-key;

}

zone 39.207.10.in-addr.arpa. {

primary 10.207.39.1;

key rndc-key;

}

zone 29.207.10.in-addr.arpa. {

primary 10.207.29.1;

key rndc-key;

}

subnet 10.207.39.0 netmask 255.255.255.0 {

# --- default gateway

option routers 10.207.39.1;

option subnet-mask 255.255.255.0;

option domain-name "vmem.org";

option domain-name-servers 10.207.39.1;

# option ntp-servers 10.207.39.1;

ddns-domainname "vmem.org.";

ddns-rev-domainname "in-addr.arpa.";

range 10.207.39.70 10.207.39.254;

default-lease-time 1814400;

max-lease-time 1814400;

}

subnet 10.207.29.0 netmask 255.255.255.0 {

# --- default gateway

option routers 10.207.29.1;

option subnet-mask 255.255.255.0;

option domain-name "mccc.org";

option domain-name-servers 10.207.29.1;

# option ntp-servers 10.207.29.1;

ddns-domainname "mccc.org.";

ddns-rev-domainname "in-addr.arpa.";

range 10.207.29.70 10.207.29.254;

default-lease-time 1814400;

max-lease-time 1814400;

}

gstanden@vmem1:~/OpenvSwitch$

Update End Ubuntu 15.04 2015-05-16

Update DHCP Configuration Files with Correct RNDC Key

The dhcpd.conf file must be updated with a correct rndc.key value so this is a good time to update the rndc.key value. The value from the install can be used, or a new rndc.key file can be generated. Here the value from the installed rndc.key file is used. Notice that with the newly added second supported subnet of 10.207.29.1, we still can use the same rndc.key for both subnets. it may be possible to use different keys for different subnets (probably is, or I should think it would be) but for the purposes of this blog, the same rndc.key value is used for all subnets.

root@W520:/etc/dhcp# cd /etc/bind

root@W520:/etc/bind# ls -lrt

total 64

-rw-r--r-- 1 root root 1317 Dec 9 13:06 zones.rfc1918

-rw-r--r-- 1 root bind 165 Dec 9 13:06 named.conf.local.original.install.bak

-rw-r--r-- 1 root bind 165 Dec 9 13:06 named.conf.local

-rw-r--r-- 1 root bind 490 Dec 9 13:06 named.conf.default-zones

-rw-r--r-- 1 root bind 463 Dec 9 13:06 named.conf

-rw-r--r-- 1 root root 3048 Dec 9 13:06 db.root

-rw-r--r-- 1 root root 270 Dec 9 13:06 db.local

-rw-r--r-- 1 root root 353 Dec 9 13:06 db.empty

-rw-r--r-- 1 root root 237 Dec 9 13:06 db.255

-rw-r--r-- 1 root root 271 Dec 9 13:06 db.127

-rw-r--r-- 1 root root 237 Dec 9 13:06 db.0

-rw-r--r-- 1 root root 2389 Dec 9 13:06 bind.keys

-rw-r----- 1 bind bind 77 Dec 26 01:01 rndc.key.original.install.bak

-rw-r----- 1 bind bind 77 Dec 26 01:01 rndc.key

-rw-r--r-- 1 root bind 890 Dec 26 01:01 named.conf.options.original.install.bak

-rw-r--r-- 1 root bind 890 Dec 26 01:01 named.conf.options

root@W520:/etc/bind# cat rndc.key

key "rndc-key" {

algorithm hmac-md5;

secret "5rcWKMkWCP6RBUeu9tjIZg==";

};

root@W520:/etc/bind#

Edit the dhcpd.conf file and update the secret key value as shown below.

root@W520:/etc/dhcp# vi dhcpd.conf

root@W520:/etc/dhcp# cat dhcpd.conf

#

# Configuration file for ISC dhcpd for Ubuntu 14.04

#

ddns-updates on;

ddns-update-style interim;

update-static-leases on;

authoritative;

key rndc-key { algorithm hmac-md5; secret "5rcWKMkWCP6RBUeu9tjIZg==";) <-- Key value has been changed.

allow unknown-clients;

use-host-decl-names on;

default-lease-time 1814400;

max-lease-time 1814400;

log-facility local7;

zone vmem.org. {

primary 10.207.39.1;

key rndc-key;

}

zone 39.207.10.in-addr.arpa. {

primary 10.207.39.1;

key rndc-key;

}

subnet 10.207.39.0 netmask 255.255.255.0 {

# default gateway

option routers 10.207.39.1;

option subnet-mask 255.255.255.0;

option domain-name "vmem.org";

option domain-name-servers 10.207.39.1;

# option ntp-servers 10.207.39.1;

ddns-domainname "vmem.org.";

ddns-rev-domainname "in-addr.arpa.";

range 10.207.39.70 10.207.39.254;

default-lease-time 1814400;

max-lease-time 1814400;

}

root@W520:/etc/dhcp#

Set Ownership and Permissions of DHCP Configuration Files

Change ownership of dhcp configuration files to root as shown below.

root@W520:/etc/dhcp# chown root:root dhclient.conf dhcpd.conf

root@W520:/etc/dhcp# ls -lrt *.conf

total 28

-rw-rw-r-- 1 root root 940 Dec 26 10:15 dhclient.conf

-rw-rw-r-- 1 root root 890 Dec 26 10:25 dhcpd.conf

root@W520:/etc/dhcp#

Install DNS Forward and Reverse Zone Configuration Files

Download the "fwd.vmem.org" and the "rev.vmem.org" zone files from the downloadable files at the end of this blog. Install the downloaded zone files into correct location as shown below. Download the "named.conf.options" and the "named.conf.local" file from the downloadable files at the end of the blog and install.

gstanden@W520:~$ cd Downloads

gstanden@W520:~/Downloads$ ls -lrt

total 264

-rw-rw-r-- 1 gstanden gstanden 250832 Dec 25 22:54 ksplice-uptrack.deb

-rw-rw-r-- 1 gstanden gstanden 1096 Dec 26 10:15 fwd.vmem.org

-rw-rw-r-- 1 gstanden gstanden 435 Dec 26 10:15 named.conf.local

-rw-rw-r-- 1 gstanden gstanden 299 Dec 26 10:15 named.conf.options

-rw-rw-r-- 1 gstanden gstanden 671 Dec 26 10:16 rev.vmem.org

gstanden@W520:~/Downloads$ sudo mv fwd.vmem.org /var/lib/bind/.

gstanden@W520:~/Downloads$ sudo mv rev.vmem.org /var/lib/bind/.

gstanden@W520:~/Downloads$ sudo su -

root@W520:~# cd /var/lib/bind

root@W520:/var/lib/bind#

Edit DNS Forward and Reverse Zone Files

Setup the forward and reverse zone files. Change the domain name information if desired. Be careful when editing not to remove any of the "." characters in the file, they matter! Also, verify the hostname as shown and make sure to update the forward and reverse zone files with the name of your desktop host (in this example the desktop hostname is "W520").

root@W520:/var/lib/bind# cat fwd.vmem.org

$ORIGIN .

$TTL 86400 ; time-to-live in seconds

vmem.org IN SOA W520.vmem.org. postmaster.vmem.org. (

1412261100 ; serial

60 ; refresh (1 minute)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS W520.vmem.org.

$ORIGIN vmem.org.

_sflow._udp TXT "txtvers=1" "polling=20" "sampling=512"

SRV 0 0 6343 W520

W520 A 10.207.39.1

lxc1-gns-vip.vmem.org. A 10.207.39.3

$ORIGIN gns1.vmem.org.

@ IN NS lxc1-gns-vip.vmem.org.

root@W520:/var/lib/bind# named-checkzone vmem.org fwd.vmem.org

zone vmem.org/IN: loaded serial 1412261100

OK

root@W520:/var/lib/bind# cat rev.vmem.org

$ORIGIN .

$TTL 86400 ; time-to-live in seconds

39.207.10.in-addr.arpa IN SOA W520.vmem.org. postmaster.vmem.org. (

1412261100 ; serial

60 ; refresh (1 hour)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS W520.vmem.org.

$ORIGIN 39.207.10.in-addr.arpa.

1 PTR W520.vmem.org.

3 PTR lxc1-gns-vip.vmem.org.

39.207.10.in-addr.arpa NS W520.vmem.org.

W520 A 10.207.39.1

root@W520:/var/lib/bind# named-checkzone 39.207.10.in-addr.arpa rev.vmem.org

zone 39.207.10.in-addr.arpa/IN: loaded serial 1412261100

OK

root@W520:/var/lib/bind# uname -a

Linux W520 3.16.0-28-generic #38-Ubuntu SMP Fri Dec 12 17:37:40 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

root@W520:/var/lib/bind# hostname -f

W520

root@W520:/var/lib/bind#

Update Begin Ubuntu 15.04 2015-05-16

Additional zones have been added for the mccc.org domain and for the 10.207.29.1/24 network reverse lookups as shown below.

root@vmem1:/var/lib/bind# named-checkzone mccc.org fwd.mccc.org

zone mccc.org/IN: loaded serial 1505021309

OK

root@vmem1:/var/lib/bind# named-checkzone 29.207.10.in-addr.arpa rev.mccc.org

zone 29.207.10.in-addr.arpa/IN: loaded serial 1411021420

OK

root@vmem1:/var/lib/bind# cat fwd.mccc.org

$ORIGIN .

$TTL 86400 ; 1 day

mccc.org IN SOA mccc1.mccc.org. postmaster.mccc.org. (

1505021309 ; serial

60 ; refresh (1 minute)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS mccc1.mccc.org.

$ORIGIN mccc.org.

_sflow._udp TXT "txtvers=1" "polling=20" "sampling=512"

SRV 0 0 6343 mccc1

mccc1 A 10.207.29.1

root@vmem1:/var/lib/bind# cat rev.mccc.org

$ORIGIN .

$TTL 86400 ; 1 day

29.207.10.in-addr.arpa IN SOA mccc1.mccc.org. postmaster.mccc.org. (

1411021420 ; serial

3600 ; refresh (1 hour)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS mccc1.mccc.org.

$ORIGIN 29.207.10.in-addr.arpa.

1 PTR mccc1.mccc.org.

root@vmem1:/var/lib/bind#

Update End Ubuntu 15.04 2015-05-16

Configure dnsmasq-base

Now configure dnsmasq-base ("NetworkManager" component) to IGNORE DNS requests for the local-only vmem.org domain as shown below. In other words, this step puts the local domain "vmem.org" under the control of bind9, and tells dnsmasq-base to ignore this domain.

gstanden@W520:~$ sudo vi /etc/NetworkManager/dnsmasq.d/local

[sudo] password for gstanden:

gstanden@W520:~$ sudo vi /etc/NetworkManager/dnsmasq.d/local

gstanden@W520:~$ cat /etc/NetworkManager/dnsmasq.d/local

server=/vmem.org/10.207.39.1

server=/39.207.10.in-addr.arpa/10.207.39.1

gstanden@W520:~$

Update Begin Ubuntu 15.04 2015-05-16

Additional entries are needed for the new subnet forward and reverse lookups to /etc/NetworkManager/dnsmasq.d/local to ensure that dnsmasq ignores these networks and allows bind9 (named) to managed the DNS lookups for these networks. The updated /etc/NetworkManager/dnsmasq.d/local file is shown below.

root@vmem1:/var/lib/bind# cat /etc/NetworkManager/dnsmasq.d/local

server=/vmem.org/10.207.39.1

server=/39.207.10.in-addr.arpa/10.207.39.1

server=/mccc.org/10.207.29.1

server=/29.207.10.in-addr.arpa/10.207.29.1

root@vmem1:/var/lib/bind#

Note the new entries above, in bold, for the mccc.org and 10.207.29.1 forward and reverse lookup zones.

Update End Ubuntu 15.04 2015-05-16

Configure /etc/network/interfaces

Ensure that "/etc/network/interfaces" file has the following three lines added after "iface" line. These lines are responsible for configuring the "/etc/resolv.conf" file. There are no changes to the /etc/network/interfaces file for the Ubuntu 15.04 update. Note that "mccc.org" is added to /etc/resolv.conf using /etc/dhcp/dhclient.conf (see above) but it probably could also be added here in /etc/network/interfaces as an additional entry on the "dns-search" line.

gstanden@W520:~$ sudo vi /etc/network/interfaces

[sudo] password for gstanden:

gstanden@W520:~$ cat /etc/network/interfaces

# interfaces(5) file used by ifup(8) and ifdown(8)

auto lo

iface lo inet loopback

dns-domain vmem.org

dns-search gns1.vmem.org

dns-nameserver 127.0.0.1

gstanden@W520:~$

Configure /etc/sysctl.conf

Make the settings values changes to existing parameters in the /etc/sysctl.conf as shown below thanks to the blogpost from Venu Murthy here. Additional reference material and full-resolution schematics of OpenvSwitch OpenStack networking can be found at OpenStack documentation.

gstanden@W520:~/Networking$ cat /etc/sysctl.conf | egrep -B1 'rp_filter|ip_forward'

# GLS 20141226 http://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/

net.ipv4.conf.default.rp_filter=0

net.ipv4.conf.all.rp_filter=0

--

# GLS 20141226 http://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/

net.ipv4.ip_forward=1

gstanden@W520:~/Networking$

Install and Configure Required Apparmor Package

Next install apparmor-utils package as shown below.

gstanden@W520:~$ sudo apt-get install apparmor-utils

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following extra packages will be installed:

python3-apparmor python3-libapparmor

Suggested packages:

apparmor-docs vim-addon-manager

The following NEW packages will be installed:

apparmor-utils python3-apparmor python3-libapparmor

0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.

Need to get 140 kB of archives.

After this operation, 903 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/main python3-libapparmor amd64 2.8.98-0ubuntu2 [24.7 kB]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic/main python3-apparmor amd64 2.8.98-0ubuntu2 [62.1 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main apparmor-utils amd64 2.8.98-0ubuntu2 [53.0 kB]

Fetched 140 kB in 1s (78.5 kB/s)

Selecting previously unselected package python3-libapparmor.

(Reading database ... 203805 files and directories currently installed.)

Preparing to unpack .../python3-libapparmor_2.8.98-0ubuntu2_amd64.deb ...

Unpacking python3-libapparmor (2.8.98-0ubuntu2) ...

Selecting previously unselected package python3-apparmor.

Preparing to unpack .../python3-apparmor_2.8.98-0ubuntu2_amd64.deb ...

Unpacking python3-apparmor (2.8.98-0ubuntu2) ...

Selecting previously unselected package apparmor-utils.

Preparing to unpack .../apparmor-utils_2.8.98-0ubuntu2_amd64.deb ...

Unpacking apparmor-utils (2.8.98-0ubuntu2) ...

Processing triggers for man-db (2.7.0.2-2) ...

Setting up python3-libapparmor (2.8.98-0ubuntu2) ...

Setting up python3-apparmor (2.8.98-0ubuntu2) ...

Setting up apparmor-utils (2.8.98-0ubuntu2) ...

gstanden@W520:~$

Set the apparmor profile for lxc-start to "complain" mode as shown below. Currently, this is considered by the author to be the Ubuntu Linux equivalent of setting selinux to "permissive" but not absolutely sure of that. This then would mean that this is the equivalent step in Venu's blog post for setting selinux to permissive mode in the apparmor paradigm.

gstanden@W520:~$ sudo aa-complain /usr/bin/lxc-start

Setting /usr/bin/lxc-start to complain mode.

gstanden@W520:~$

Add Settings to /etc/sysctl.conf File

Next add the following settings at the end of /etc/sysctl.conf for Oracle as shown below. Hugepages value is optional and can be adjusted downward depending on whether Hugepages are used or not and depending on what size of Oracle SGA.

# Oracle

kernel.shmmni = 4096

kernel.sem = 250 32000 100 128

fs.file-max = 6815744

fs.aio-max-nr = 1048576

net.ipv4.ip_local_port_range = 9000 65500

net.core.rmem_default = 262144

net.core.rmem_max = 4194304

net.core.wmem_default = 262144

net.core.wmem_max = 1048576

vm.nr_hugepages = 2060

kernel.panic_on_oops = 1

The final /etc/sysctl.conf file after all above edits should be similar to the one shown below. Sections edited and added are shown in bold.

gstanden@W520:~/Networking$ cat /etc/sysctl.conf

# /etc/sysctl.conf - Configuration file for setting system variables

# See /etc/sysctl.d/ for additional system variables.

# See sysctl.conf (5) for information.

#

#kernel.domainname = example.com

# Uncomment the following to stop low-level messages on console

#kernel.printk = 3 4 1 3

##############################################################3

# Functions previously found in netbase

#

# Uncomment the next two lines to enable Spoof protection (reverse-path filter)

# Turn on Source Address Verification in all interfaces to

# prevent some spoofing attacks

# GLS 20141226 http://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/

net.ipv4.conf.default.rp_filter=0

net.ipv4.conf.all.rp_filter=0

# Uncomment the next line to enable TCP/IP SYN cookies

# See http://lwn.net/Articles/277146/

# Note: This may impact IPv6 TCP sessions too

#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4

# GLS 20141226 http://thenewstack.io/solving-a-common-beginners-problem-when-pinging-from-an-openstack-instance/

net.ipv4.ip_forward=1

# Uncomment the next line to enable packet forwarding for IPv6

# Enabling this option disables Stateless Address Autoconfiguration

# based on Router Advertisements for this host

#net.ipv6.conf.all.forwarding=1

###################################################################

# Additional settings - these settings can improve the network

# security of the host and prevent against some network attacks

# including spoofing attacks and man in the middle attacks through

# redirection. Some network environments, however, require that these

# settings are disabled so review and enable them as needed.

#

# Do not accept ICMP redirects (prevent MITM attacks)

#net.ipv4.conf.all.accept_redirects = 0

#net.ipv6.conf.all.accept_redirects = 0

# _or_

# Accept ICMP redirects only for gateways listed in our default

# gateway list (enabled by default)

# net.ipv4.conf.all.secure_redirects = 1

#

# Do not send ICMP redirects (we are not a router)

#net.ipv4.conf.all.send_redirects = 0

#

# Do not accept IP source route packets (we are not a router)

#net.ipv4.conf.all.accept_source_route = 0

#net.ipv6.conf.all.accept_source_route = 0

#

# Log Martian Packets

#net.ipv4.conf.all.log_martians = 1

# Oracle

kernel.shmmni = 4096

kernel.sem = 250 32000 100 128

fs.file-max = 6815744

fs.aio-max-nr = 1048576

net.ipv4.ip_local_port_range = 9000 65500

net.core.rmem_default = 262144

net.core.rmem_max = 4194304

net.core.wmem_default = 262144

net.core.wmem_max = 1048576

vm.nr_hugepages = 2060

kernel.panic_on_oops = 1

gstanden@W520:~/Networking$

Apply the changes to the system using the command as shown below and verify that all new settings were accepted and applied.

gstanden@W520:~/Networking$ sudo sysctl -p

net.ipv4.conf.default.rp_filter = 1

net.ipv4.conf.all.rp_filter = 1

net.ipv4.ip_forward = 1

kernel.shmmni = 4096

kernel.sem = 250 32000 100 128

fs.file-max = 6815744

fs.aio-max-nr = 1048576

net.ipv4.ip_local_port_range = 9000 65500

net.core.rmem_default = 262144

net.core.rmem_max = 4194304

net.core.wmem_default = 262144

net.core.wmem_max = 1048576

vm.nr_hugepages = 2060

kernel.panic_on_oops = 1

gstanden@W520:~/Networking$

Restart DNS and DHCP to Verify Configuration

Reboot the desktop host to reset the "/etc/resolv.conf" file to the new settings, and verify DNS and DHCP configuration is correct by doing an nslookup on "w520" and "w520.vmem.org". Both should return the local IP address for that server. Run the tests as shown below to:

• Verify DNS is working;

• Verify that "named" is monitoring 10.207.39.1

• Verify that "named" in monitoring 10.207.29.1 (new network for mccc.org) GLS 2015-05-16

• Verify that "dnsmasq" is monitoring 10.0.3.1

• Verify that the OpenvSwitch switches are created

• Verify that "/etc/resolv.conf" has the correct settings

These tests are shown below with correct expected output.

gstanden@w520:~$ cat /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

nameserver 127.0.0.1

search vmem.org gns1.vmem.org

gstanden@w520:~$

gstanden@w520:~$ nslookup w520

Server: 127.0.0.1

Address: 127.0.0.1#53

Name: W520.vmem.org

Address: 10.207.39.1

gstanden@w520:~$ nslookup w520.vmem.org

Server: 127.0.0.1

Address: 127.0.0.1#53

Name: W520.vmem.org

Address: 10.207.39.1

gstanden@w520:~$ sudo netstat -ulnp | grep 53

[sudo] password for gstanden:

udp 0 0 0.0.0.0:5353 0.0.0.0:* 655/avahi-daemon: r

udp 0 0 0.0.0.0:55382 0.0.0.0:* 2262/dhcpd

udp 0 0 10.0.3.1:53 0.0.0.0:* 3139/dnsmasq

udp 0 0 10.207.39.1:53 0.0.0.0:* 2374/named

udp 0 0 127.0.0.1:53 0.0.0.0:* 2374/named

udp 0 0 127.0.1.1:53 0.0.0.0:* 2062/dnsmasq

udp6 0 0 :::5353 :::* 655/avahi-daemon: r

udp6 0 0 fe80::14f1:a8ff:fe89:53 :::* 3139/dnsmasq

udp6 0 0 :::53 :::* 2374/named

gstanden@w520:~$ sudo ovs-vsctl show

2044e8b7-5949-4c10-8e3a-0825f7b69ea5

Bridge "sw9"

Port "sw9"

Interface "sw9"

type: internal

Bridge "sw6"

Port "sw6"

Interface "sw6"

type: internal

Bridge "sw5"

Port "sw5"

Interface "sw5"

type: internal

Bridge "sw8"

Port "sw8"

Interface "sw8"

type: internal

Bridge "sw7"

Port "sw7"

Interface "sw7"

type: internal

Bridge "sw4"

Port "sw4"

Interface "sw4"

type: internal

Bridge "sw3"

Port "sw3"

tag: 90

Interface "sw3"

type: internal

Port "w2"

Interface "w2"

Port "w4"

Interface "w4"

Port "w3"

Interface "w3"

Port "w5"

Interface "w5"

Port "w1"

Interface "w1"

Bridge "sw1"

Port "s4"

Interface "s4"

Port "s3"

Interface "s3"

Port "s1"

Interface "s1"

Port "s2"

Interface "s2"

Port "s5"

Interface "s5"

Port "sw1"

tag: 10

trunks: [10]

Interface "sw1"

type: internal

Bridge "sw2"

Port "t1"

Interface "t1"

Port "t4"

Interface "t4"

Port "t2"

Interface "t2"

Port "t5"

Interface "t5"

Port "t3"

Interface "t3"

Port "sw2"

tag: 80

Interface "sw2"

type: internal

ovs_version: "2.1.3"

gstanden@w520:~$

Update Begin Ubuntu 15.04 2015-05-16

gstanden@vmem1:~/OpenvSwitch$ nslookup vmem1

Server: 127.0.1.1

Address: 127.0.1.1#53

Name: vmem1.vmem.org

Address: 10.207.39.1

gstanden@vmem1:~/OpenvSwitch$ nslookup mccc1

Server: 127.0.1.1

Address: 127.0.1.1#53

Name: mccc1.mccc.org

Address: 10.207.29.1

gstanden@vmem1:~/OpenvSwitch$ sudo ovs-vsctl show

2fc24710-34b5-4aa2-a32d-4e7bcb1afa1a

Bridge "sw8"

Port "sw8"

tag: 60

trunks: [60, 70]

Interface "sw8"

type: internal

Bridge "sw7"

Port "sw7"

tag: 50

trunks: [20, 30, 40, 50]

Interface "sw7"

type: internal

Bridge "sw4"

Port "sw4"

tag: 20

trunks: [20, 30, 40, 50]

Interface "sw4"

type: internal

Bridge "sw6"

Port "sw6"

tag: 40

trunks: [20, 30, 40, 50]

Interface "sw6"

type: internal

Bridge "sw5"

Port "sw5"

tag: 30

trunks: [20, 30, 40, 50]

Interface "sw5"

type: internal

Bridge "sw2"

Port "t1"

Interface "t1"

Port "sw2"

tag: 80

Interface "sw2"

type: internal

Port "t4"

Interface "t4"

Port "t3"

Interface "t3"

Port "t2"

Interface "t2"

Port "t5"

Interface "t5"

Bridge "sw9"

Port "sw9"

tag: 70

trunks: [60, 70]

Interface "sw9"

type: internal

Bridge "sw1"

Port "s2"

Interface "s2"

Port "s4"

Interface "s4"

Port "s1"

Interface "s1"

Port "s5"

Interface "s5"

Port "sw1"

tag: 10

trunks: [10]

Interface "sw1"

type: internal

Port "s3"

Interface "s3"

Bridge "sw3"

Port "w4"

Interface "w4"

Port "w2"

Interface "w2"

Port "w1"

Interface "w1"

Port "sw3"

tag: 90

Interface "sw3"

type: internal

Port "w3"

Interface "w3"

Port "w5"

Interface "w5"

Bridge "sx1"

Port "a4"

Interface "a4"

Port "a5"

Interface "a5"

Port "a3"

Interface "a3"

Port "a2"

Interface "a2"

Port "a1"

Interface "a1"

Port "sx1"

tag: 10

trunks: [10]

Interface "sx1"

type: internal

ovs_version: "2.3.1"

gstanden@vmem1:~/OpenvSwitch$ sudo netstat -ulnp | grep 53

[sudo] password for gstanden:

udp 0 0 0.0.0.0:5353 0.0.0.0:* 1031/avahi-daemon:

udp 0 0 192.168.122.1:53 0.0.0.0:* 3285/named

udp 0 0 10.207.29.1:53 0.0.0.0:* 3285/named <-- New Network added

udp 0 0 10.207.39.1:53 0.0.0.0:* 3285/named

udp 0 0 127.0.0.1:53 0.0.0.0:* 3285/named

udp 0 0 192.168.122.1:53 0.0.0.0:* 2810/dnsmasq

udp 0 0 127.0.1.1:53 0.0.0.0:* 1993/dnsmasq

udp6 0 0 :::53622 :::* 1174/rpc.mountd

udp6 0 0 :::5353 :::* 1031/avahi-daemon:

udp6 0 0 :::53 :::* 3285/named

gstanden@vmem1:~/OpenvSwitch$

Create Oracle Enteprise Linux 6.5 LXC Linux Container

Install Ubuntu rpm and yum Packages

Create an Oracle Enteprise Linux (OEL) 6.5 LXC Linux Container as shown below. Notice that the "rpm" and "yum" deb packages must be installed first. As shown below, LXC container creation is not possible without the Ubuntu versions of "rpm" and "yum" installed first.

gstanden@W520:~$ sudo lxc-create -t oracle -n lxcora01 | tee lxcora01.log

Host is Ubuntu 14.10

No release specified with -R, defaulting to 6.5

Create configuration file /var/lib/lxc/lxcora01/config

failed: The rpm command is required, please install it

lxc_container: lxccontainer.c: create_run_template: 1121 container creation template for lxcora01 failed

lxc_container: lxc_create.c: main: 280 Error creating container lxcora01

gstanden@W520:~$ sudo apt-get install rpm

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following extra packages will be installed:

debugedit librpm3 librpmbuild3 librpmio3 librpmsign1 rpm-common rpm2cpio

Suggested packages:

rpm-i18n alien elfutils rpmlint rpm2html

The following NEW packages will be installed:

debugedit librpm3 librpmbuild3 librpmio3 librpmsign1 rpm rpm-common rpm2cpio

0 upgraded, 8 newly installed, 0 to remove and 0 not upgraded.

Need to get 451 kB of archives.

After this operation, 2,026 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/main librpmio3 amd64 4.11.2-3 [69.0 kB]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic/main debugedit amd64 4.11.2-3 [15.6 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/main librpm3 amd64 4.11.2-3 [154 kB]

Get:4 http://us.archive.ubuntu.com/ubuntu/ utopic/main librpmbuild3 amd64 4.11.2-3 [58.0 kB]

Get:5 http://us.archive.ubuntu.com/ubuntu/ utopic/main librpmsign1 amd64 4.11.2-3 [8,024 B]

Get:6 http://us.archive.ubuntu.com/ubuntu/ utopic/main rpm-common amd64 4.11.2-3 [26.3 kB]

Get:7 http://us.archive.ubuntu.com/ubuntu/ utopic/main rpm2cpio amd64 4.11.2-3 [5,196 B]

Get:8 http://us.archive.ubuntu.com/ubuntu/ utopic/main rpm amd64 4.11.2-3 [115 kB]

Fetched 451 kB in 2s (152 kB/s)

Selecting previously unselected package librpmio3.

(Reading database ... 203302 files and directories currently installed.)

Preparing to unpack .../librpmio3_4.11.2-3_amd64.deb ...

Unpacking librpmio3 (4.11.2-3) ...

Selecting previously unselected package debugedit.

Preparing to unpack .../debugedit_4.11.2-3_amd64.deb ...

Unpacking debugedit (4.11.2-3) ...

Selecting previously unselected package librpm3.

Preparing to unpack .../librpm3_4.11.2-3_amd64.deb ...

Unpacking librpm3 (4.11.2-3) ...

Selecting previously unselected package librpmbuild3.

Preparing to unpack .../librpmbuild3_4.11.2-3_amd64.deb ...

Unpacking librpmbuild3 (4.11.2-3) ...

Selecting previously unselected package librpmsign1.

Preparing to unpack .../librpmsign1_4.11.2-3_amd64.deb ...

Unpacking librpmsign1 (4.11.2-3) ...

Selecting previously unselected package rpm-common.

Preparing to unpack .../rpm-common_4.11.2-3_amd64.deb ...

Unpacking rpm-common (4.11.2-3) ...

Selecting previously unselected package rpm2cpio.

Preparing to unpack .../rpm2cpio_4.11.2-3_amd64.deb ...

Unpacking rpm2cpio (4.11.2-3) ...

Selecting previously unselected package rpm.

Preparing to unpack .../rpm_4.11.2-3_amd64.deb ...

Unpacking rpm (4.11.2-3) ...

Processing triggers for man-db (2.7.0.2-2) ...

gstanden@W520:~$

Install Ubuntu yum Package

Now install the OEL 6.5 LXC Linux Container as shown below. Notice that the "yum" deb package must first be installed, as shown below.

gstanden@W520:~$ sudo lxc-create -t oracle -n lxcora01

Host is Ubuntu 14.10

No release specified with -R, defaulting to 6.5

Create configuration file /var/lib/lxc/lxcora01/config

failed: The yum command is required, please install it

lxc_container: lxccontainer.c: create_run_template: 1121 container creation template for lxcora01 failed

lxc_container: lxc_create.c: main: 280 Error creating container lxcora01

gstanden@W520:~$ sudo apt-get install yum

Reading package lists... Done

Building dependency tree

Reading state information... Done

The following extra packages will be installed:

libsqlite0 python-libxml2 python-rpm python-sqlite python-sqlitecachec python-urlgrabber

Suggested packages:

python-sqlite-dbg

The following NEW packages will be installed:

libsqlite0 python-libxml2 python-rpm python-sqlite python-sqlitecachec python-urlgrabber yum

0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded.

Need to get 1,220 kB of archives.

After this operation, 5,391 kB of additional disk space will be used.

Do you want to continue? [Y/n] Y

Get:1 http://us.archive.ubuntu.com/ubuntu/ utopic/universe libsqlite0 amd64 2.8.17-10ubuntu2 [139 kB]

Get:2 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-libxml2 amd64 2.9.1+dfsg1-4ubuntu1 [143 kB]

Get:3 http://us.archive.ubuntu.com/ubuntu/ utopic/universe python-sqlite amd64 1.0.1-11 [20.7 kB]

Get:4 http://us.archive.ubuntu.com/ubuntu/ utopic/main python-urlgrabber all 3.9.1-4ubuntu3 [42.3 kB]

Get:5 http://us.archive.ubuntu.com/ubuntu/ utopic/universe python-rpm amd64 4.11.2-3 [33.5 kB]

Get:6 http://us.archive.ubuntu.com/ubuntu/ utopic/universe python-sqlitecachec amd64 1.1.4-1 [21.4 kB]

Get:7 http://us.archive.ubuntu.com/ubuntu/ utopic/universe yum all 3.4.3-2ubuntu1 [821 kB]

Fetched 1,220 kB in 5s (209 kB/s)

Selecting previously unselected package libsqlite0.

(Reading database ... 203549 files and directories currently installed.)

Preparing to unpack .../libsqlite0_2.8.17-10ubuntu2_amd64.deb ...

Unpacking libsqlite0 (2.8.17-10ubuntu2) ...

Selecting previously unselected package python-libxml2.

Preparing to unpack .../python-libxml2_2.9.1+dfsg1-4ubuntu1_amd64.deb ...

Unpacking python-libxml2 (2.9.1+dfsg1-4ubuntu1) ...

Selecting previously unselected package python-sqlite.

Preparing to unpack .../python-sqlite_1.0.1-11_amd64.deb ...

Unpacking python-sqlite (1.0.1-11) ...

Selecting previously unselected package python-urlgrabber.

Preparing to unpack .../python-urlgrabber_3.9.1-4ubuntu3_all.deb ...

Unpacking python-urlgrabber (3.9.1-4ubuntu3) ...

Selecting previously unselected package python-rpm.

Preparing to unpack .../python-rpm_4.11.2-3_amd64.deb ...

Unpacking python-rpm (4.11.2-3) ...

Selecting previously unselected package python-sqlitecachec.

Preparing to unpack .../python-sqlitecachec_1.1.4-1_amd64.deb ...

Unpacking python-sqlitecachec (1.1.4-1) ...

Selecting previously unselected package yum.

Preparing to unpack .../yum_3.4.3-2ubuntu1_all.deb ...

Unpacking yum (3.4.3-2ubuntu1) ...

Processing triggers for man-db (2.7.0.2-2) ...

Setting up libsqlite0 (2.8.17-10ubuntu2) ...

Setting up python-libxml2 (2.9.1+dfsg1-4ubuntu1) ...

Setting up python-sqlite (1.0.1-11) ...

Setting up python-urlgrabber (3.9.1-4ubuntu3) ...

Setting up python-rpm (4.11.2-3) ...

Setting up python-sqlitecachec (1.1.4-1) ...

Setting up yum (3.4.3-2ubuntu1) ...

Processing triggers for libc-bin (2.19-10ubuntu2.1) ...

gstanden@W520:~$

Create LXC Container

Now install the OEL 6.5 LXC Linux Container as shown below. The full log of the installation is attached to the blog as "lxcora01.log". Abridged information from the creation of the LXC is shown below.

gstanden@W520:~$ sudo lxc-create -t oracle -n lxcora01 | tee lxcora01.log

gstanden@W520:~$ head lxcora01.log

Host is Ubuntu 14.10

No release specified with -R, defaulting to 6.5

Create configuration file /var/lib/lxc/lxcora01/config

Yum installing release 6.5 for x86_64

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package chkconfig.x86_64 0:1.3.49.3-2.el6_4.1 will be installed

--> Processing Dependency: libc.so.6(GLIBC_2.2.5)(64bit) for package: chkconfig-1.3.49.3-2.el6_4.1.x86_64

--> Processing Dependency: libc.so.6(GLIBC_2.8)(64bit) for package: chkconfig-1.3.49.3-2.el6_4.1.x86_64

...

...

...

Complete!

Rebuilding rpm database

Patching container rootfs /var/lib/lxc/lxcora01/rootfs for Oracle Linux 6.5

Configuring container for Oracle Linux 6.5

Added container user:oracle password:oracle

Added container user:root password:root

Container : /var/lib/lxc/lxcora01/rootfs

Config : /var/lib/lxc/lxcora01/config

Network : eth0 (veth) on virbr0

gstanden@W520:~$ sudo lxc-ls -f

NAME STATE IPV4 IPV6 GROUPS AUTOSTART

------------------------------------------------

lxcora01 STOPPED - - - NO

gstanden@W520:~$

Start LXC Linux Container lxcora01 in foreground mode ("-F") so that console will connect on current startup session as shown below. Notice that DHCP provided by default by dnsmasq-base listening on lxcbr0 (10.0.3.1) has provided a dhcp-issued IP address for the container. This is the default networking provided by the standard template. After verifying, shutdown the container using "shutdown -h now" as shown below.

Also, note the MAC address shown in bold below which will be used when editing the config file for the container for OpenvSwitch networking.

gstanden@W520:~$ sudo lxc-start -n lxcora01 -F

Welcome to Oracle Linux Server

Setting hostname lxcora01: [ OK ]

Checking filesystems

[ OK ]

Mounting local filesystems: [ OK ]

Enabling /etc/fstab swaps: [ OK ]

Entering non-interactive startup

Bringing up loopback interface: [ OK ]

Bringing up interface eth0:

Determining IP information for eth0... done.

[ OK ]

Starting system logger: [ OK ]

Mounting filesystems: [ OK ]

Generating SSH1 RSA host key: [ OK ]

Generating SSH2 RSA host key: [ OK ]

Generating SSH2 DSA host key: [ OK ]

Starting sshd: [ OK ]

Oracle Linux Server release 6.5

Kernel 3.16.0-28-generic on an x86_64

lxcora01 login: root

Password:

[root@lxcora01 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr FE:71:FA:7E:CB:AF

inet addr:10.0.3.116 Bcast:10.0.3.255 Mask:255.255.255.0

inet6 addr: fe80::fc71:faff:fe7e:cbaf/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:30 errors:0 dropped:0 overruns:0 frame:0

TX packets:13 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:4625 (4.5 KiB) TX bytes:1458 (1.4 KiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:65536 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[root@lxcora01 ~]# shutdown -h now

Configure LXC Container for OpenvSwitch Networking

Make a backup of the original install LXC config file as shown below.

gstanden@W520:~$ sudo su -

root@W520:~# cd /var/lib/lxc/lxcora01

root@W520:/var/lib/lxc/lxcora01# ls -lrt

total 8

-rw-r--r-- 1 root root 663 Dec 28 14:48 config

dr-xr-xr-x 21 root root 4096 Dec 28 15:12 rootfs

root@W520:/var/lib/lxc/lxcora01# cp -p config config.original.install.bak

Edit LXC Container config File for OpenvSwitch

The original "/var/lib/lxc/lxcora01/config" file is shown below. In the next step, the config is edited to put the container on the OpenvSwitch network., The lines shown in bold will be commented out in the next step to remove the LXC container from Linux Bridge networking, and the file will be rearranged slightly for clarity and readability.

root@W520:/var/lib/lxc/lxcora01# cat config.original.install.bak

# Template used to create this container: /usr/share/lxc/templates/lxc-oracle

# Parameters passed to the template:

# For additional config options, please look at lxc.container.conf(5)

lxc.network.type = veth

lxc.network.link = lxcbr0

lxc.network.flags = up

lxc.network.hwaddr = 00:16:3e:xx:xx:xx

lxc.rootfs = /var/lib/lxc/lxcora01/rootfs

# Common configuration

lxc.include = /usr/share/lxc/config/oracle.common.conf

# Container configuration for Oracle Linux 6.5

lxc.arch = x86_64

lxc.utsname = lxcora01

lxc.cap.drop = sys_resource

lxc.cap.drop = setfcap setpcap

# Networking

lxc.network.name = eth0

lxc.network.mtu = 1500

lxc.network.hwaddr = fe:71:fa:7e:cb:af

root@W520:/var/lib/lxc/lxcora01#

The edited version of the "/var/lib/lxc/lxcora01/config" for use with OpenvSwitch networking is shown below. TheLinux Bridge networking lines have been removed, and the file has also been rearranged into sections for better readability and clarity.

root@W520:/var/lib/lxc/lxcora01# cat config

# Template used to create this container: /usr/share/lxc/templates/lxc-oracle

# Parameters passed to the template:

# For additional config options, please look at lxc.container.conf(5)

# Filesystem

lxc.rootfs = /var/lib/lxc/lxcora01/rootfs

# Common configuration

lxc.include = /usr/share/lxc/config/oracle.common.conf

# Container configuration for Oracle Linux 6.5

lxc.arch = x86_64

lxc.utsname = lxcora01

lxc.cap.drop = sys_resource

lxc.cap.drop = setfcap setpcap

# OpenvSwitch Networking <-- OpenvSwitch Networking is added.

lxc.network.type = veth

lxc.network.flags = up

lxc.network.script.up = /etc/network/if-up.d/lxc-ifup-sw1

lxc.network.script.down = /etc/network/if-down.d/lxc-ifdown-sw1

lxc.network.veth.pair = lxcora01-pub

lxc.network.name = eth0

lxc.network.mtu = 1500

lxc.network.hwaddr = fe:71:fa:7e:cb:af <-- Same MAC address is reused from original config for eth0

# Linux Bridge Networking <-- Linux Bridge Networking is commented out.

# lxc.network.type = veth

# lxc.network.link = lxcbr0

# lxc.network.flags = up

# lxc.network.hwaddr = 00:16:3e:xx:xx:xx

# lxc.network.name = eth1

# lxc.network.mtu = 1500

root@W520:/var/lib/lxc/lxcora01#

Create Additional Required Networking Files

Next the two files "lxc-ifup-sw1" and "lxc-ifdown-sw1" must be installed and configured as shown below.

root@W520:/etc/network/if-up.d# chmod 744 lxc-ifup-sw1

root@W520:/etc/network/if-up.d# cd ..

root@W520:/etc/network# cd if-down.d

root@W520:/etc/network/if-down.d# chmod 744 lxc-ifdown-sw1

root@W520:/etc/network/if-down.d#

root@W520:/etc/network/if-up.d# cat lxc-ifup-sw1

#!/bin/bash

ovsBr='sw1'

ovs-vsctl add-port ${ovsBr} $5

ovs-vsctl set port $5 tag=10

root@W520:/etc/network/if-up.d# cd ..

root@W520:/etc/network# cd if-down.d/

root@W520:/etc/network/if-down.d# cat lxc-ifdown-sw1

#!/bin/bash

ovsBr='sw1'

ovs-vsctl del-port ${ovsBr} $5

root@W520:/etc/network/if-down.d#

Configure dhclient.conf File

Next edit the "/var/lib/lxc/lxcora01/rootfs/etc/dhcp/dhclient.conf" file for the LXC container as shown below. This file configures the "/etc/resolv.conf" file of the LXC Linux Container at boot time ensuring that it always has the correct set of nameserver values and domain name values added dynamically at boot. Note that the "vmem.org" domain name is not included because it is added to the container /etc/resolv.conf by DHCP of the host. Optionally, it could be included here, but typically this would result in "vmem.org" appearing twice in the resolv.conf file of the LXC container.

root@W520:/var/lib/lxc/lxcora01# cat rootfs/etc/dhcp/dhclient.conf

append domain-name-servers 8.8.8.8, 10.207.39.3;

append domain-name " gns1.vmem.org";

root@W520:/var/lib/lxc/lxcora01#

The "/var/lib/lxc/lxcora01/rootfs/etc/sysconfig/network-scripts/ifcfg-eth0" file can be listed and checked as well as shown below just to verify it is correct. It should be similar to the one shown below.

root@W520:/var/lib/lxc/lxcora01# cat rootfs/etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

BOOTPROTO=dhcp

ONBOOT=yes

HOSTNAME=lxcora01

DHCP_HOSTNAME=lxcora01

NM_CONTROLLED=no

TYPE=Ethernet

root@W520:/var/lib/lxc/lxcora01#

Verify Container Operation on DHCP and DNS with OpenvSwitch

Start the container (or reboot if it is already running) as shown below. IP assignment ot eth0 should be successful.

gstanden@W520:~$ sudo lxc-start -n lxcora01 -F

Welcome to Oracle Linux Server

Setting hostname lxcora01: [ OK ]

Checking filesystems

[ OK ]

Mounting local filesystems: [ OK ]

Enabling /etc/fstab swaps: [ OK ]

Entering non-interactive startup

Bringing up loopback interface: [ OK ]

Bringing up interface eth0:

Determining IP information for eth0... done.

[ OK ]

Starting system logger: [ OK ]

Mounting filesystems: [ OK ]

Starting sshd: [ OK ]

Oracle Linux Server release 6.5

Kernel 3.16.0-28-generic on an x86_64

lxcora01 login:

Verify Container on OpenvSwitch Network

Login to the container and verify that the container is now on the OpenvSwitch network as shown below. In this case the first container gets ".70" as it's IP because this was set as the lowest IP in the DHCP reserved range. IP addresses below 70 are reserved for static assignment on the 10.207.39.x subnet.

[root@lxcora01 ~]# ifconfig

eth0 Link encap:Ethernet HWaddr FE:71:FA:7E:CB:AF

inet addr:10.207.39.70 Bcast:10.207.39.255 Mask:255.255.255.0

inet6 addr: fe80::fc71:faff:fe7e:cbaf/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:124 errors:0 dropped:0 overruns:0 frame:0

TX packets:11 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:24086 (23.5 KiB) TX bytes:1074 (1.0 KiB)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0

inet6 addr: ::1/128 Scope:Host

UP LOOPBACK RUNNING MTU:65536 Metric:1

RX packets:0 errors:0 dropped:0 overruns:0 frame:0

TX packets:0 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:0

RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

[root@lxcora01 ~]#

Verify Container /etc/resolv.conf Correct Dynamic Formatting

Check that the /etc/resolv.conf has the correct entries assigned at startup by dhclient.conf file as shown below.

[root@lxcora01 ~]# cat /etc/resolv.conf

; generated by /sbin/dhclient-script

search vmem.org gns1.vmem.org

nameserver 10.207.39.1

nameserver 8.8.8.8

nameserver 10.207.39.3

[root@lxcora01 ~]#

Install Package "bind-utils" into LXC Container

Install the "bind-utils" package inside the LXC container using "yum" as shown below, and check then check that "nslookup" can resolv "lxcora01" the hostname of the LXC container as shown below. The bind-utils package is needed to obtain "nslookup".

[root@lxcora01 ~]# yum install bind-utils

Loaded plugins: lxc-patch

ol6_u5_base | 1.4 kB 00:00

ol6_u5_base/primary | 3.2 MB 00:01

ol6_u5_base 8573/8573

Setting up Install Process

Resolving Dependencies

--> Running transaction check

---> Package bind-utils.x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6 will be installed

--> Processing Dependency: bind-libs = 32:9.8.2-0.17.rc1.0.2.el6_4.6 for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: libdns.so.81()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: libbind9.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: libisc.so.83()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: libisccc.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: liblwres.so.80()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Processing Dependency: libisccfg.so.82()(64bit) for package: 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64

--> Running transaction check

---> Package bind-libs.x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6 will be installed

--> Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================================================================

Package Arch Version Repository Size

==========================================================================================================================================================================

Installing:

bind-utils x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6 ol6_u5_base 182 k

Installing for dependencies:

bind-libs x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6 ol6_u5_base 878 k

Transaction Summary

==========================================================================================================================================================================

Install 2 Package(s)

Total download size: 1.0 M

Installed size: 2.6 M

Is this ok [y/N]: y

Downloading Packages:

(1/2): bind-libs-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64.rpm | 878 kB 00:30

(2/2): bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64.rpm | 182 kB 00:02

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Total 29 kB/s | 1.0 MB 00:36

warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID ec551f03: NOKEY

Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

Importing GPG key 0xEC551F03:

Userid : Oracle OSS group (Open Source Software group) <build@oss.oracle.com>

Package: 6:oraclelinux-release-6Server-5.0.2.x86_64 (@ol6_u5_base/$releasever)

From : /etc/pki/rpm-gpg/RPM-GPG-KEY-oracle

Is this ok [y/N]: y

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : 32:bind-libs-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64 1/2

Installing : 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64 2/2

lxc-patch: checking if updated pkgs need patching...

Verifying : 32:bind-libs-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64 1/2

Verifying : 32:bind-utils-9.8.2-0.17.rc1.0.2.el6_4.6.x86_64 2/2

Installed:

bind-utils.x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6

Dependency Installed:

bind-libs.x86_64 32:9.8.2-0.17.rc1.0.2.el6_4.6

Complete!

[root@lxcora01 ~]#

Run nslookup Tests in LXC Container to Verify DNS Resolutions

Now run nslookup as shown below to verify automatic DNS registration of DHCP-issued IP addresses and to test that various configured dynamic and static forward and reverse lookups are working correctly from the LXC container.

[root@lxcora01 ~]# nslookup lxcora01

Server: 10.207.39.1

Address: 10.207.39.1#53

Name: lxcora01.vmem.org

Address: 10.207.39.70

[root@lxcora01 ~]# nslookup 10.207.39.70

Server: 10.207.39.1

Address: 10.207.39.1#53

70.39.207.10.in-addr.arpa name = lxcora01.vmem.org.

[root@lxcora01 ~]# nslookup w520

Server: 10.207.39.1

Address: 10.207.39.1#53

Name: W520.vmem.org

Address: 10.207.39.1

[root@lxcora01 ~]# nslookup 10.207.39.1

Server: 10.207.39.1

Address: 10.207.39.1#53

1.39.207.10.in-addr.arpa name = W520.vmem.org.

[root@lxcora01 ~]# nslookup lxc1-gns-vip

Server: 10.207.39.1

Address: 10.207.39.1#53

Name: lxc1-gns-vip.vmem.org

Address: 10.207.39.3

[root@lxcora01 ~]# nslookup 10.207.39.3

Server: 10.207.39.1

Address: 10.207.39.1#53

3.39.207.10.in-addr.arpa name = lxc1-gns-vip.vmem.org.

[root@lxcora01 ~]#

Run Various Status Commands on Container

The LXC container is now on the OpenvSwitch network and ready for configuration of pre-requisites for Oracle Enterprise Database product installations. Various checks on the running container can be run as shown below.

gstanden@w520:~$ sudo lxc-info -n lxcora01

[sudo] password for gstanden:

Name: lxcora01

State: RUNNING

PID: 5288

IP: 10.207.39.70

CPU use: 4.99 seconds

BlkIO use: 2.23 MiB

Memory use: 33.65 MiB

KMem use: 0 bytes

Link: lxcora01-pub

TX bytes: 107.54 KiB

RX bytes: 4.54 MiB

Total bytes: 4.65 MiB

gstanden@w520:~$ sudo lxc-ls -f

NAME STATE IPV4 IPV6 GROUPS AUTOSTART

--------------------------------------------------------

lxcora01 RUNNING 10.207.39.70 - - NO

gstanden@w520:~$

Create File Management Links

Several files located in various directories are used to configure and manage this environment. It is useful to build links off of the "/home/username" directory to act as pointers to various required files for centralized managment and control. Use the "ln -s" command to create links as shown below. Note that links to files inside the rootfs of the LXC container will show as red due to access permissions when connected as non-root account, but are useful nevertheless for reminding location of these files.

root@vmem1:/home/gstanden/Networking# cat crt_links.sh

ln -s /etc/dhcp/dhcpd.conf .

ln -s /etc/dhcp/dhclient.conf .

ln -s /etc/init/my-network-up.sh .

ln -s /var/lib/bind/fwd.vmem.org .

ln -s /var/lib/bind/rev.vmem.org .

ln -s /var/lib/bind/fwd.mccc.org .

ln -s /var/lib/bind/rev.mccc.org .

ln -s /etc/network/if-up.d/lxc-ifup-sw1 .

ln -s /etc/network/if-down.d/lxc-ifdown-sw1 .

ln -s /etc/bind/named.conf.options .

ln -s /etc/bind/named.conf.local .

ln -s /etc/bind/rndc.key .

ln -s /var/lib/lxc/lxcora02/config lxcora02-config

ln -s /var/lib/lxc/lxcora03/config lxcora03-config

ln -s /etc/NetworkManager/dnsmasq.d/local .

root@vmem1:/home/gstanden/Networking#

Contents of the /home/gstanden/OpenvSwitch directory shown below.

gstanden@w520:~$ cd OpenvSwitch

gstanden@w520:~/OpenvSwitch$ ls -lrt

total 48

-rwxr-xr-x 1 gstanden gstanden 2153 Dec 30 19:34 crt_ovs_sw1.sh

-rwxr-xr-x 1 gstanden gstanden 1016 Dec 30 19:34 crt_ovs_sw2.sh

-rwxr-xr-x 1 gstanden gstanden 1019 Dec 30 19:34 crt_ovs_sw3.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw4.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw5.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw6.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw7.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw8.sh

-rwxr-xr-x 1 gstanden gstanden 704 Dec 30 19:34 crt_ovs_sw9.sh

lrwxrwxrwx 1 gstanden gstanden 28 Dec 30 19:38 my-network-up.conf -> /etc/init/my-network-up.conf

-rw-r--r-- 1 gstanden gstanden 414 Dec 30 20:50 crt_ovs_sw1.log

-rw-r--r-- 1 gstanden gstanden 195 Dec 30 20:50 crt_ovs_sw2.log

-rw-r--r-- 1 gstanden gstanden 195 Dec 30 20:50 crt_ovs_sw3.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw4.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw5.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw6.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw7.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw8.log

-rw-r--r-- 1 gstanden gstanden 0 Dec 30 20:50 crt_ovs_sw9.log

gstanden@w520:~/OpenvSwitch$ cd ..

gstanden@w520:~$ cd Networking

root@vmem1:/home/gstanden/Networking# ls -lrt

total 4

lrwxrwxrwx 1 root root 20 May 16 17:38 dhcpd.conf -> /etc/dhcp/dhcpd.conf

lrwxrwxrwx 1 root root 23 May 16 17:38 dhclient.conf -> /etc/dhcp/dhclient.conf

lrwxrwxrwx 1 root root 26 May 16 17:38 rev.vmem.org -> /var/lib/bind/rev.vmem.org

lrwxrwxrwx 1 root root 26 May 16 17:38 fwd.vmem.org -> /var/lib/bind/fwd.vmem.org

lrwxrwxrwx 1 root root 26 May 16 17:38 rev.mccc.org -> /var/lib/bind/rev.mccc.org

lrwxrwxrwx 1 root root 26 May 16 17:38 fwd.mccc.org -> /var/lib/bind/fwd.mccc.org

lrwxrwxrwx 1 root root 33 May 16 17:38 lxc-ifup-sw1 -> /etc/network/if-up.d/lxc-ifup-sw1

lrwxrwxrwx 1 root root 37 May 16 17:38 lxc-ifdown-sw1 -> /etc/network/if-down.d/lxc-ifdown-sw1

lrwxrwxrwx 1 root root 18 May 16 17:38 rndc.key -> /etc/bind/rndc.key

lrwxrwxrwx 1 root root 28 May 16 17:38 named.conf.options -> /etc/bind/named.conf.options

lrwxrwxrwx 1 root root 26 May 16 17:38 named.conf.local -> /etc/bind/named.conf.local

lrwxrwxrwx 1 root root 35 May 16 17:38 local -> /etc/NetworkManager/dnsmasq.d/local

lrwxrwxrwx 1 root root 28 May 16 17:39 lxcora02-config -> /var/lib/lxc/lxcora02/config

lrwxrwxrwx 1 root root 28 May 16 17:39 lxcora03-config -> /var/lib/lxc/lxcora03/config

-rwxr-xr-x 1 gstanden gstanden 569 May 16 17:40 crt_links.sh

lrwxrwxrwx 1 root root 26 May 16 17:40 my-network-up.sh -> /etc/init/my-network-up.sh

root@vmem1:/home/gstanden/Networking#

gstanden@w520:~/Networking$ cd ..

gstanden@w520:~$ cd Templates

gstanden@w520:~/Templates$ ls -lrt

total 0

lrwxrwxrwx 1 gstanden gstanden 24 Dec 30 21:18 templates -> /usr/share/lxc/templates

gstanden@w520:~/Templates$