Virtual Routers

Deploy a virtual router in a VM

Starting with version v0.27.0, Cozystack can deploy virtual routers (also known as “router appliances” or “middlebox appliances”). This feature allows you to create a virtual router based on a virtual machine instance. The virtual router can route traffic between different networks.

Creating a Virtual Router

Creating a virtual router requires a Cozystack administrator account.

Create a VM Instance
Use the standard vm-instance and virtual-machine packages to create a virtual machine instance.

Disable Anti-Spoofing Protection
To act as a virtual router, the VM instance should have anti-spoofing protection disabled:

kubectl patch virtualmachines.kubevirt.io virtual-machine-example --type=merge \
    -p '{"spec":{"template":{"metadata":{"annotations":{"ovn.kubernetes.io/port_security": "false"}}}}}'

Restart the Virtual Machine

virtctl stop virtual-machine-example
virtctl start virtual-machine-example

Retrieve the IP Address of the VM

kubectl get vmi

The output will have a line with the new VM’s IP address:

NAME                      AGE     PHASE     IP            NODENAME        READY
virtual-machine-example   3d4h    Running   10.244.8.56   gld-csxhk-003   True

Configure Custom Routes for a Tenant
Edit the tenant namespace:
```
kubectl edit namespace tenant-example
```
Add the following annotation using the router IP you found earlier as gw and the subnet mask for the router to handle as dst:
```
ovn.kubernetes.io/routes: |
  [{
    "gw": "10.244.8.56",
    "dst": "10.10.13.0/24"
  }]
```

These custom routes will now be applied to all pods within the tenant namespace.

Last modified 2025-07-23: [docs] Move reference for VM and networking-related apps to corresponding sections (023bace)

CozySummit Virtual 2025 · December 3 · Register Now

Virtual Routers

Creating a Virtual Router