KVM虛擬機&openVSwitch雜記(1)
阿新 • • 發佈:2018-04-10
openVSwitch 虛擬化網絡一、openVSwitch(CentOS7)
master1(192.168.1.1),master2(192.168.1.2)作為運行虛擬機的計算節點,master3(10.201.106.133)作為網絡節點
1、配置兩個計算節點
1.1 每個計算節點準備兩塊網卡
1.2 配置網關(網絡)節點,master3(192.168.1.254)
同樣擁有兩塊網卡,一塊連接內部網絡,一塊連接外網nat轉換。
打開路由轉發功能: [root@master3 ~]# vim /etc/sysctl.conf net.ipv4.ip_forward = 1 立即生效: [root@master3 ~]# sysctl -p net.ipv4.ip_forward = 1 做nat轉換 [root@master3 ~]# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 ! -d 192.168.1.0/24 -j SNAT --to-source 10.201.106.133
測試:master1,2已經可以聯通外網
1.3 master1,2安裝openvswitch
安裝依賴包: yum -y install make gcc openssl-devel autoconf automake rpm-build redhat-rpm-config 1.3.1 下載包: [root@master1 ~]# wget http://openvswitch.org/releases/openvswitch-2.5.0.tar.gz 1.3.2 準備構建rpm包 [root@master1 ~]# mkdir -p ~/rpmbuild/SOURCES [root@master1 ~]# cp openvswitch-2.5.0.tar.gz ~/rpmbuild/SOURCES/ 解壓: [root@master1 ~]# tar xf openvswitch-2.5.0.tar.gz 修改配置文件 [root@master1 ~]# sed ‘s/openvswitch-kmod, //g‘ openvswitch-2.5.0/rhel/openvswitch.spec > openvswitch-2.5.0/rhel/openvswitch_no_kmod.spec 1.3.3 構建RPM包: [root@master1 ~]#rpmbuild -bb --nocheck ~/openvswitch-2.5.0/rhel/openvswitch_no_kmod.spec 1.3.4 安裝 yum localinstall ~/rpmbuild/RPMS/x86_64/openvswitch-2.5.0-1.x86_64.rpm 1.3.5 啟動服務 [root@master1 ~]# systemctl start openvswitch.service master2節點同上配置即可。 查看安裝了哪些文件: [root@master1 ~]# rpm -ql openvswitch
2、openVSwitch配置
2.1 雜項
查看當前ovs版本:
[root@master1 ~]# ovs-vsctl show
85eb6797-6dd5-4c5f-aaf8-b7b242b633ae
ovs_version: "2.5.0"
查看ovs使用幫助
[root@master1 ~]# ovs-vsctl --help2.2 添加內部通信網橋
[root@master1 ~]# ovs-vsctl add-br br-in [root@master1 ~]# ovs-vsctl show 85eb6797-6dd5-4c5f-aaf8-b7b242b633ae Bridge br-in Port br-in Interface br-in type: internal 打開內部網橋: [root@master1 ~]# ifconfig br-in up
上
顯示所有橋:
[root@master1 ~]# ovs-vsctl list-br
br-in
將eth1網卡添加進內部網橋br-in
[root@master1 ~]# ovs-vsctl add-port br-in eth1
[root@master1 ~]# ovs-vsctl list-ports br-in
eth1
查看接口:
[root@master1 ~]# ovs-vsctl list-ifaces br-in
eth12.3 查看ovs數據庫信息
查看interface表信息:
[root@master1 ~]# ovs-vsctl list Interface
只查看interface表中eth1的信息:
[root@master1 ~]# ovs-vsctl list Interface eth1
顯示端口表信息:
[root@master1 ~]# ovs-vsctl list Port
通過條件查找,表裏面的信息:
[root@master1 ~]# ovs-vsctl find Port name=‘eth1‘3、啟動兩個虛擬機,並橋接到內部橋接口
由於暫時不需要兩臺宿主機(計算節點)通信,先從內部橋移除eth1
[root@master1 ~]# ovs-vsctl del-port br-in eth13.1 創建虛擬機
安裝qemu-kvm
[root@master1 ~]# yum install qemu-kvm
創建存放磁盤映像的目錄:
[root@master1 ~]# mkdir -pv /vm/images
mkdir: 已創建目錄 "/vm"
mkdir: 已創建目錄 "/vm/images"
[root@master1 ~]# cd /vm/images/
[root@master1 images]# ls
cirros-no_cloud-0.3.0-i386-disk.img cirros-no_cloud-0.3.0-x86_64-disk.img
啟動網卡腳本:
# vim /etc/if-up
#!/bin/bash
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 up
sleep 1
ovs-vsctl add-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error:no port specified."
exit 2
fi
給腳本添加執行權限:
[root@master1 ~]# chmod +x /etc/if-up
移除網卡腳本:
[root@master1 ~]# cat /etc/if-down
#!/bin/bash
bridge=br-in
if [ -n "$1" ]; then
ip link set $1 down
sleep 1
ovs-vsctl del-port $bridge $1
[ $? -eq 0 ] && exit 0 || exit 1
else
echo "Error:no port specified."
exit 2
fi
[root@master1 ~]# chmod +x /etc/if-down
創建第一臺虛擬機(放到後臺運行):
[root@master1 images]# qemu-kvm -name "c1" -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-i386-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:01 -net tap,ifname=vif1.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
VNC server running on `::1:5900‘
安裝vnc客戶端
[root@master1 ~]# yum install tigervnc
vnc連接查看:
[root@master1 ~]# vncviewer :5900
啟動第二個虛擬機:
[root@master1 ~]# qemu-kvm -name "c2" -m 128 -smp 1 -drive file=/vm/images/cirros-no_cloud-0.3.0-x86_64-disk.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:02 -net tap,ifname=vif2.0,script=/etc/if-up,downscript=/etc/if-down -daemonize
VNC server running on `::1:5901‘
查看內部網橋:
[root@master1 ~]# ovs-vsctl show
85eb6797-6dd5-4c5f-aaf8-b7b242b633ae
Bridge br-in
Port "vif2.0"
Interface "vif2.0"
Port "vif1.0"
Interface "vif1.0"
Port br-in
Interface br-in
type: internal3.2 兩個虛擬機配置IP互通
3.3 設置兩個虛擬機處於不同VLAN中
修改tag(vlan ID號)
[root@master1 ~]# ovs-vsctl set port vif1.0 tag=10
[root@master1 ~]# ovs-vsctl list port vif1.0 | grep tag
tag : 10已經無法ping通:
把vif2.0網口也設置vlan10後又可以ping通了
[root@master1 ~]# ovs-vsctl set port vif2.0 tag=10
4、跨交換機(橋)測試【同一宿主機】
4.1 創建第二臺交換機(橋)
修改腳本
[root@master1 ~]# cp -a /etc/if-up /etc/if-up2
[root@master1 ~]# cp -a /etc/if-down /etc/if-down2
[root@master1 ~]# vim /etc/if-up2
#!/bin/bash
bridge="br-test"
[root@master1 ~]# vim /etc/if-down2
#!/bin/bash
bridge="br-test"
創建第二個交換機(橋)
[root@master1 ~]# ovs-vsctl add-br br-test
[root@master1 ~]# ovs-vsctl list-br
br-in
br-test4.2 創建第三臺虛擬機加入br-test橋
拷貝磁盤映像文件:
[root@master1 ~]# cp /vm/images/cirros-no_cloud-0.3.0-i386-disk.img /vm/images/c3.img
[root@master1 ~]# qemu-kvm -name "c3" -m 128 -smp 1 -drive file=/vm/images/c3.img,media=disk,if=virtio -net nic,model=virtio,macaddr=52:54:00:00:00:03 -net tap,ifname=vif3.0,script=/etc/if-up2,downscript=/etc/if-down2 -daemonize
VNC server running on `::1:5902‘
[root@master1 ~]# ovs-vsctl show
85eb6797-6dd5-4c5f-aaf8-b7b242b633ae
Bridge br-in
Port "vif2.0"
tag: 10
Interface "vif2.0"
Port "vif1.0"
tag: 10
Interface "vif1.0"
Port br-in
Interface br-in
type: internal
Bridge br-test
Port br-test
Interface br-test
type: internal
Port "vif3.0"
Interface "vif3.0"4.3 設置C3虛擬機的IP在同一網段和同個VLAN號
設置vif3.0網口的vlan號為10
[root@master1 ~]# ovs-vsctl set port vif3.0 tag=104.4 將兩個交換機(網橋)互聯
創建一對網卡名為s0和s1,s0在br-in,s1在br-test,即可實現互聯功能
[root@master1 ~]# ip link add s0 type veth peer name s1
[root@master1 ~]# ip link show | egrep "s0|s1"
17: s1@s0: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
18: s0@s1: <BROADCAST,MULTICAST,M-DOWN> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
激活網卡:
[root@master1 ~]# ip link set s0 up
[root@master1 ~]# ip link set s1 up
將網卡添加至對應交換機(網橋):
[root@master1 ~]# ovs-vsctl add-port br-in s0
[root@master1 ~]# ovs-vsctl add-port br-test s1
[root@master1 ~]# ovs-vsctl show
85eb6797-6dd5-4c5f-aaf8-b7b242b633ae
Bridge br-in
Port "vif2.0"
tag: 10
Interface "vif2.0"
Port "s0"
Interface "s0"
Port "vif1.0"
tag: 10
Interface "vif1.0"
Port br-in
Interface br-in
type: internal
Bridge br-test
Port br-test
Interface br-test
type: internal
Port "s1"
Interface "s1"
Port "vif3.0"
tag: 10
Interface "vif3.0"從C3測試網絡又通了:
PS:移除vlan tag:
[root@master1 ~]# ovs-vsctl remove port vif3.0 tag 10
重新添加:
[root@master1 ~]# ovs-vsctl set port vif3.0 tag=104.5 設置兩個交換機(網橋)互聯口為trunk模式,並放行相應vlan
####剛才默認應該是trunk模式,所以兩個交換機的虛擬機只要處於同個vlan號就能互相通信
[root@master1 ~]# ovs-vsctl set port s0 trunks=10
[root@master1 ~]# ovs-vsctl set port s1 trunks=10KVM虛擬機&openVSwitch雜記(1)