i think it wouldn't work out of box ovirt will overwrite all your routes and network. you might try to tell ovirt do jot maintain the network of a interface where you got a docker and also add custom rules in the firewall ports template on the engine.
<tho...@hoberg.net> schrieb am So., 12. Apr. 2020, 15:51: > I want to run containers and VMs side by side and not necessarily nested. > The main reason for that is GPUs, Voltas mostly, used for CUDA machine > learning not for VDI, which is what most of the VM orchestrators like oVirt > or vSphere seem to focus on. And CUDA drivers are notorious for refusing to > work under KVM unless you pay $esla. > > oVirt is more of a side show in my environment, used to run some smaller > functional VMs alongside bigger containers, but also in order to > consolidate and re-distribute the local compute node storage as a Gluster > storage pool: Kibbutz storage and compute, if you want, very much how I > understand the HCI philosophy behind oVirt. > > The full integration of containers and VMs is still very much on the > roadmap I believe, but I was surprised to see that even co-existence seems > to be a problem currently. > > So I set-up a 3-node HCI on CentOS7 (GPU-less and older) hosts and then > added additional (beefier GPGPU) CentOS7 hosts, that have been running CUDA > workloads on the latest Docker-CE v19 something. > > The installation works fine, I can migrate VMs to these extra hosts etc., > but to my dismay Docker containers on these hosts lose access to the local > network, that is the entire subnet the host is in. For some strange reason > I can still ping Internet hosts, perhaps even everything behind the host's > gateway, but local connections are blocked. > > It would seem that the ovritmgmt network that the oVirt installation puts > in breaks the docker0 bridge that Docker put there first. > > I'd consider that a bug, but I'd like to gather some feedback first, if > anyone else has run into this problem. > > I've repeated this several times in completely distinct environments with > the same results: > > Simply add a host with a working Docker-CE as an oVirt host to an existing > DC/cluster and then try if you can still ping anyone on that net, including > the Docker host from a busybox container afterwards (should try that ping > just before you actually add it). > > No, I didn't try this with podman yet, because that's separate challenge > with CUDA: Would love to know if that is part of QA for oVirt already. > _______________________________________________ > Users mailing list -- users@ovirt.org > To unsubscribe send an email to users-le...@ovirt.org > Privacy Statement: https://www.ovirt.org/privacy-policy.html > oVirt Code of Conduct: > https://www.ovirt.org/community/about/community-guidelines/ > List Archives: > https://lists.ovirt.org/archives/list/users@ovirt.org/message/WKLB3IAN7FJUHZOPMUGK57Y3YUJ6NM5Q/ >
_______________________________________________ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/PR6N6XRBBSEFD3KIQUHXVDGEE52F4SVV/
