Most of them areoutdated, but provide historical design context.
They arenotuser documentation and should not be treated as such.
Documentation is available here.
oVirt LLDP labeler
oVirt LLDP labeler is a tool that utilizes LLDP support added to oVirt in 4.2. The tool helps to some extent automate network configuration overhead in clusters that are managed by the labeler. It can be used as a separate service or as one-time tool using its cli.
- Feature Owner: Ales Musil (amusil)
- E-mail: firstname.lastname@example.org
Benefit to oVirt
The labeler is a service that is capable of helping the oVirt administrator to automate some network related tasks. According to configuration reported via LLDP from peer switch, the labeler is capable of labeling host network interface or bond interfaces together.
Example VLAN flow
Consider following scenario:
Engine contains logical network
vlan10 tagged as VLAN with id 10
lldp_vlan_10. Multiple hosts that have it’s
connected to switch with VLAN id 10 configured and LLDP reporting
enabled for the interfaces connected to the hosts. To automatically
connect our logical network
vlan10 with the
eth1 on every host,
the administrator just needs to configure and run the labeler:
First time setup:
1) Write username and password into
2) Write cluster name and API address into
1) Run the oVirt LLDP labeler by executing
After the labeler run, the hosts will automatically set a
label on top of the
eth1 interfaces, which results in the automatic
vlan10 network, due to the matching label.
This can be repeated every time a new host is added to the cluster,
as well as for network changes within current hosts e.g. the switch
port connection was switched between
eth2 on the host.
The labeler has to be capable of reaching the desired engine REST API and the
python-ovirt-engine-sdk4 in a version greater than
4.2 has to be installed.
Currently, only Juniper switches support reporting of the needed parameters. The required parameters are:
The labeler service is done through timers available in systemd. The timer calls a target which executes the cli tool. The delay is one hour by default and can be changed in the timer specification.
The tool itself is divided into two parts. The labeling part and the bonding part, each can be enabled or disabled in the configuration file.
Each step described below is done for each host, that is part of the cluster specified in the configuration file.
The bonding part starts by fetching all LLDP available for interfaces that are not part of any existing bond already. The labeler is not trying to modify existing bonds, just to create new ones. The LLDP information is then searched for
Link Aggregationcapabilities. The interfaces, that are capable of aggregation, are grouped together by
Aggregation Link ID. Before creating a bond, the interface with attached
ovirtmgmtnetwork is filtered out, as we don’t want to risk losing connectivity with the host. Also, rules about which networks can be attached to an interface are applied. After creating bond candidates the last step is to re-attach all networks from slaves to the bond candidate. All network configurations made by the labeler are marked as permanent so host restart won’t wipe them.
The labeling part fetches LLDP from all non-VLAN interfaces and bond slaves. The labeler search every interface LLDP information for
VLAN IDtlvs. For every VLAN tlv, the labeler creates label candidate, in format of
$(VLAN-ID)is substituted with VLAN id from the reported LLDP information. It is possible to have multiple VLAN on the interface, in this case, the interface ends up with multiple labels.
The labeler consists of three main configuration files. Full configuration documentation is available in the project readme.
First two files are usually located in
ovirt-lldp-credentials.conf contains login information to access the
engine API. This file is restricted with permission 0600 to prevent any
unwanted access to the file.
usernameusername for Engine
passwordpassword for Engine
ovirt-lldp-labeler.conf contains basic configuration.
clusterslist of clusters on top of which the labeler will run
api_urlURL of the engine API
ca_filepath to certficate that should be used for API access
auto_bondingswitch to enable/disable auto bonding
auto_labelingswitch to enable/disable auto labeling
The last configuration file is the configuration of the systemd timer. It is usually
/usr/lib/systemd/system/ and it is called
OnUnitActiveSecThe timer delay for single labeler runs.
Run labeler under conditions below:
- Auto bonding disabled
- Auto labeling disabled
- Auto bonding and labeling enabled at the same time
- On top of hosts with VLAN interfaces
- On top of hosts with interfaces, with disabled LLDP reporting
- Security - only the ovirt-lldp-credentials.conf owner should be able to read/write into the config
- Service timer