We are moving away from vmWare to XCP-ng and Xen Orchestra.
Sometimes we want to start up a VM isolated from any network without affecting the configuration of the VM itself.
Is there any way to simulate “cable disconnected” in XCP-ng or Xen Orchestra?
In vmWare it’s very easy but I can’t figure it out in Xen.
/m
Clone the virtual machine, and remove the network settings
And still the configuration has changed. I need to do this without affecting the configuration/functionality of the VM.
Out of the box, the only time the system will do this is a health check on the backup jobs
Have a xcp-ng network that is connected to a switch port which is disabled.
Clone the machine, and change the network card to above
So, from what I understand, it cant be done.
In XO, can’t you just click on the network to disconnect it? No settings in the VM should change, just that the network cable should be “unplugged”. Is this what you want?
Seems to work the way I describe above when I click it to change modes, you can lock it if you want to make sure it can not come back up.
The use case is as follows.
A VM have behaved suspicious and has been turned off.
I want to investigate the VM without worrying about it being connected to the network.
Either I want to restart it, or I want to restore a backup and start it without it being able to connect to the network.
The connect/disconnect can’t be set while the VM is off, only when the VM is running, which in my case is to late.
OK, now I understand. I didn’t know that you can’t lock the disconnect if the VM is powered down… Hmmm… Could you rate limit the connection down to zero?
I bet there is something you can do in the terminal on the host, but I’m not fluent in that.
The only other thing I can think of is to migrate the VM to a quarantine host that doesn’t have any connections to those networks, but the networks are still present, or an isolated switch connected to those networks so the VM thinks the network is still present. Kind of a pain but might be the only way.
The above is referenced to 8.2 LTS, my 8.3 beta system is not powered up right now, but I don’t think anything will be different.
VIF Plug and unplug seem to be the only thing that might apply, and not sure it will hold during power off to power on state. [edit] says VIF unplug only works on running VM, so not an option here.
Allowed IP might be something to look into to block this, but again, might not last on power up.
You can also just switch the VM to a network that has no access.
Thanks, I had the same idea as a fallback and after the discussion here I think that this is the best workaround for not beeing able to disconnectthe interface.
Thanks all, for your input to this matter!
