How to create an OpenNebula virtual network
OpenNebula virtual networks connect VM network interfaces to the physical or overlay fabric available on the hypervisor hosts. Creating one defines the network driver, bridge or physical interface, address range, and guest context values that a VM template can use when it receives a NIC.
The CLI creates the network from a template file through onevnet. A VLAN-backed network is a common administrator-owned example because VN_MAD="802.1Q" ties the virtual network to a physical device and OpenNebula can assign a VLAN ID automatically unless a fixed ID is supplied.
Use a front-end shell that can authenticate to the OpenNebula XML-RPC endpoint, commonly the oneadmin account. The named cluster and the physical backing interface must match the hosts that will run VMs attached to the network, and a held smoke VM can confirm that the network leases an address before any workload is released.
Related: How to add a host to OpenNebula
Related: How to create an OpenNebula cluster
Related: How to instantiate an OpenNebula virtual machine
Steps to create an OpenNebula virtual network:
- Open a front-end shell as oneadmin.
$ sudo -iu oneadmin
- List existing virtual networks before choosing the new name and address range.
$ onevnet list ID USER GROUP NAME CLUSTER BRIDGE STATE LEASES 0 oneadmin oneadmin service 0 onebr0 rdy 4
- Create the virtual network template file.
- prod-lan.net
NAME = "prod-lan" VN_MAD = "802.1Q" PHYDEV = "eth1" AR = [ TYPE = "IP4", IP = "10.20.30.50", SIZE = "30" ] NETWORK_MASK = "255.255.255.0" GATEWAY = "10.20.30.1" DNS = "10.20.30.10" DESCRIPTION = "Production VM network on the server VLAN"
Replace eth1, the address range, gateway, and DNS server with values from the network fabric that is present on every host in the target cluster.
- Create the network in the target cluster.
$ onevnet create prod-lan.net --cluster production ID: 101
--cluster assigns the network to the cluster during creation. Omit it only when the default cluster is the intended placement boundary.
Related: How to create an OpenNebula cluster
- Inspect the new network and address range.
$ onevnet show prod-lan VIRTUAL NETWORK 101 INFORMATION ID : 101 NAME : prod-lan USER : oneadmin GROUP : oneadmin CLUSTERS : 100 BRIDGE : onebr101 STATE : READY VN_MAD : 802.1Q PHYSICAL DEVICE: eth1 VLAN ID : 120 VIRTUAL NETWORK TEMPLATE DNS="10.20.30.10" GATEWAY="10.20.30.1" NETWORK_MASK="255.255.255.0" PHYDEV="eth1" VN_MAD="802.1Q" ADDRESS RANGE POOL AR 0 SIZE : 30 LEASES : 0 RANGE FIRST LAST IP 10.20.30.50 10.20.30.79
STATE should show READY before VM templates use the network. If it shows ERROR, inspect the error text in the network record and the front-end logs before adding leases or attaching VMs.
- Confirm the virtual network pool lists the new network as ready.
$ onevnet list ID USER GROUP NAME CLUSTER BRIDGE STATE LEASES 0 oneadmin oneadmin service 0 onebr0 rdy 4 101 oneadmin oneadmin prod-lan 100 onebr101 rdy 0
- Instantiate a held smoke VM with the new NIC.
$ onetemplate instantiate ubuntu-24.04-base --name net-smoke --nic prod-lan --hold VM ID: 43
A held VM receives the NIC definition without starting on a host. Use a small template that already has a valid image, CPU, memory, and contextualization settings for the target cluster.
- Verify that the smoke VM received a lease from the new network.
$ onevm show 43 VIRTUAL MACHINE 43 INFORMATION ID : 43 NAME : net-smoke USER : oneadmin GROUP : oneadmin STATE : HOLD LCM_STATE : LCM_INIT VIRTUAL MACHINE TEMPLATE NIC=[ NETWORK="prod-lan", NETWORK_ID="101", IP="10.20.30.50", MAC="02:00:0a:14:1e:32"]
The IP value should fall inside the address range created in the virtual network template.
- Remove the held smoke VM after the lease check.
$ onevm terminate --hard 43
Terminate only the temporary smoke VM created for the network lease check.