Installing a AlmaLinux 9 hypervisor
curl https://install.virtfusion.net/install-hypervisor-kvm-rhel-9.sh | sh -s -- --verbose
Once the installer has completed, you may add it to the control server.
Network setup
VirtFusion supports MacVTap, Bridge, Libvirt routed and Libvirt networking.
MacVTap networking
MacVTap is a device driver meant to simplify virtualized bridged networking. It replaces the combination of the tun/tap and bridge drivers with a single module based on the macvlan device driver.
This option has a limitation that you cannot filter traffic and you will lose IP Anti-Hijacking functionality.
No configuration required.
Standard bridge networking (Network Manager)
Get the main interface name:
nmcli con show --active
We will use eth0 and the main interface name.
nmcli con mod eth0 ipv4.gateway ""
nmcli con mod eth0 ipv4.address ""
nmcli conn add type bridge con-name br0 ifname br0
nmcli conn mod br0 ipv4.addresses 'xxx.xxx.xxx.xxx/24'
nmcli conn mod br0 ipv4.gateway 'xxx.xxx.xxx.xxx'
nmcli conn mod br0 ipv4.dns '8.8.8.8'
nmcli con mod br0 ipv4.method manual
nmcli conn add type ethernet slave-type bridge con-name bridge-br0 ifname eth0 master br0
Standard bridge networking (network-scripts)
On RHEL a standard /etc/sysconfig/network-scripts/ifcfg-eth0 file will look similar to this.
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="eth0"
DEVICE="eth0"
ONBOOT="yes"
IPADDR="xxx.xxx.xxx.xxx"
GATEWAY="xxx.xxx.xxx.xxx"
NETMASK="255.255.255.0"
DNS1="8.8.8.8"
IPV6_PRIVACY="no"
Make a copy of the original file.
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /root/ifcfg-eth0
Create a new file for the bridge.
vi /etc/sysconfig/network-scripts/ifcfg-br0
And copy the networking parts from /etc/sysconfig/network-scripts/ifcfg-eth0 to /etc/sysconfig/network-scripts/ifcfg-br0.
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
ONBOOT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPADDR=xxx.xxx.xxx.xxx
NETMASK=255.255.255.0
GATEWAY=xxx.xxx.xxx.xxx
Next, remove the networking parts from /etc/sysconfig/network-scripts/ifcfg-eth0.
BRIDGE=br0
TYPE="Ethernet"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="eth0"
DEVICE="eth0"
ONBOOT="yes"
DNS1="8.8.8.8"
IPV6_PRIVACY="no"
Once the bridge is set up, networking will need to be restarted.
systemctl restart NetworkManager.service
Libvirt routed networking
No modification of the main networking configuration is required.
Network configuration
Defining a Libvirt network is reasonably straightforward and should be low maintenance.
Create a file named network.xml with the following contents.
<network>
<name>br0</name>
<forward mode='route' dev="eth0"/>
<bridge name='br0' stp='on' delay='0'/>
<ip address='10.0.0.1' netmask='255.255.255.0'/>
<ip family="ipv6" address="2001:db8:aa::1" prefix="64"/>
</network>
- If you don't require IPv6 you may remove the
family="ipv6"line. - Replace
eth0with the device name of the main network. - Replace
10.0.0.1with your own subnet that is to be assigned to the server and the corresponding netmask. - If you require IPv6, replace the
addresswith your own subnet and the correspondingprefix.
Define the network, set it to autostart and start it.
virsh net-define --file network.xml
virsh net-autostart br0
virsh net-start br0
Network setup is now complete. You should use the main IP of the hypervisor as the gateway for the defined subnet.
Notes
Although it's not advised, you may install a hypervisor directly on the control server. This allows for a single server setup.