Running Vagrant/libvirt: trying to establish public/private networks

djsumdog asked:

I’m running Vagrant 1.7 (from their official 1.7 packages) on Ubuntu 14.04 LTS and I’m trying to provision several private VMs and one public one. My Ansible provisioning scripts change all the vagrant/root passwords and replace the Vagrant stock SSH keys for the security aspect.

All my internal IPs are I have one VM that needs the IP (which has a NAT going to it from our real external IP for ports 80/443).

The hypervisor is at and I created a br0 with that IP connected to eth0. My network configuration looks like the following:

auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static

auto br0
iface br0 inet static
    bridge_ports eth0
    bridge_stp off
    bridge_maxwait 0
    bridge_fd 0

I’m working on this remotely, which is why I was afraid to remove the IP from eth0. I realize that br0 should supersede it (br* have the real IPs and the eth* don’t).

In my Vagrent config, I have a block like the following:

  config.vm.define "haproxy" do |haproxy| :private_network, ip: :public_network, ip:
    haproxy.vm.hostname = vars.hostname('haproxy')
    haproxy.hostmanager.aliases = vars.aliases('haproxy')
    haproxy.vm.provision "ansible" do |ansible|
      ansible.playbook = "ansible/haproxy.yml"

However in that VM, I only see the following adapters:

eth0      inet addr:     
eth1      inet addr:    
eth2      inet addr:  Bcast:  Mask:

and on the hypervisor I see the following on br0:

brctl show
bridge name bridge id       STP enabled interfaces
br0     8000.0022192df5a7   no      eth1
virbr0      8000.000000000000   yes     
virbr1      8000.525400eda938   yes     virbr1-nic
virbr2      8000.525400c3098d   yes     virbr2-nic

and the hypervisor’s ifconfig for the virbr* devices:

virbr0    inet addr:  Bcast:  Mask:
virbr1    inet addr:  Bcast:  Mask:        
virbr2    inet addr:  Bcast:  Mask:

It looks like libvirt/kvm are establishing some 192 networks for some reason. I’m not too concerned about those, but I’m guessing my got converted into somehow within the Vagrant/libvirt provisioning.

I’m guessing I need another network in libvirt? All I seem to have is the default:

  <forward mode='nat'>
      <port start='1024' end='65535'/>
  <bridge name='virbr0' stp='on' delay='0'/>
  <mac address='52:54:00:9d:3b:a9'/>
  <ip address='' netmask=''>
      <range start='' end=''/>

I’m a little confused on the documentation for libvirt. I basically need my haproxy VM to have an adapter with the IP address accessible on the physical network connected to eth0 of the host machine. What do I need to do in this configuration to make this happen?

My answer:

For the configuration you want, you need to have the virtual machine’s NIC use your existing bridge br0 on the host. Unfortunately vagrant-libvirt doesn’t seem to support this configuration (it only uses macvtap, which is meant to take over a physical interface completely and doesn’t help you here because the host cannot use the interface).

I would contact the author of vagrant-libvirt and ask for this functionality to be added.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.