06 虚拟化Open vSwitch环境部署
本节给出部署Open vSwitch网桥环境的部署方法,使虚拟机连接到网络。
6.1 安装Open vSwitch网桥
Open vSwitch网桥,具有更便捷的自动化编排能力。部署Open vSwitch网桥需要安装网络虚拟化组件,这里介绍总体操作。
6.1.1 安装Open vSwitch组件
使用Open vSwitch提供虚拟网络,需要安装Open vSwitch网络虚拟化组件,使用root用户执行如下命令:
6.1.1.1 安装Open vSwitch组件
# yum install -y openvswitch
示例命令如下:
[root@superman-21 ~]# yum install -y openvswitch
Last metadata expiration check: 1:59:06 ago on 2023年02月07日 星期二 15时30分31秒.
Dependencies resolved.
============================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================
Installing:
openvswitch x86_64 2.12.4-2.oe2203 update 2.0 M
Installing dependencies:
python3-unversioned-command x86_64 3.9.9-7.oe2203 OS 9.3 k
Transaction Summary
============================================================================================================================
Install 2 Packages
Total download size: 2.0 M
Installed size: 7.5 M
Downloading Packages:
(1/2): openvswitch-2.12.4-2.oe2203.x86_64.rpm 3.1 MB/s | 2.0 MB 00:00
(2/2): python3-unversioned-command-3.9.9-7.oe2203.x86_64.rpm 7.5 kB/s | 9.3 kB 00:01
----------------------------------------------------------------------------------------------------------------------------
Total 1.6 MB/s | 2.0 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : python3-unversioned-command-3.9.9-7.oe2203.x86_64 1/2
Running scriptlet: openvswitch-2.12.4-2.oe2203.x86_64 2/2
Installing : openvswitch-2.12.4-2.oe2203.x86_64 2/2
Running scriptlet: openvswitch-2.12.4-2.oe2203.x86_64 2/2
Verifying : python3-unversioned-command-3.9.9-7.oe2203.x86_64 1/2
Verifying : openvswitch-2.12.4-2.oe2203.x86_64 2/2
Installed:
openvswitch-2.12.4-2.oe2203.x86_64 python3-unversioned-command-3.9.9-7.oe2203.x86_64
Complete!
[root@superman-21 ~]#
6.1.1.2 启动Open vSwitch服务
# systemctl start openvswitch
示例命令如下:
[root@superman-21 ~]# systemctl start openvswitch
[root@superman-21 ~]#
6.1.1.3 设置Open vSwitch服务随系统自动启动
# systemctl enable openvswitch
示例命令如下:
[root@superman-21 ~]# systemctl enable openvswitch
Created symlink /etc/systemd/system/multi-user.target.wants/openvswitch.service → /usr/lib/systemd/system/openvswitch.service.
[root@superman-21 ~]#
6.1.2 确认安装是否成功
6.1.2.1确认 Open vSwitch组件是否安装成功
确认 openvswitch 组件是否安装成功若安装成功,可以查看软件包相关信息。
# rpm -qi openvswitch
示例命令如下:
[root@superman-21 ~]# rpm -qi openvswitch
Name : openvswitch
Version : 2.12.4
Release : 2.oe2203
Architecture: x86_64
Install Date: 2023年02月07日 星期二 17时29分41秒
Group : Unspecified
Size : 7915888
License : ASL 2.0 and ISC
Signature : RSA/SHA1, 2023年01月11日 星期三 14时35分44秒, Key ID d557065eb25e7f66
Source RPM : openvswitch-2.12.4-2.oe2203.src.rpm
Build Date : 2022年12月29日 星期四 08时00分00秒
Build Host : obs-worker1639015616-x86-0004
Packager : http://openeuler.org
Vendor : http://openeuler.org
URL : http://www.openvswitch.org/
Summary : Production Quality, Multilayer Open Virtual Switch
Description :
Open vSwitch is a production quality, multilayer virtual switch licensed under
the open source Apache 2.0 license.
[root@superman-21 ~]#
6.1.2.2 查看Open vSwitch服务是否启动成功
查看Open vSwitch服务是否启动成功。若服务处于 “Active” 状态,说明服务启动成功,可以正常使用Open vSwitch提供的命令行工具。
# systemctl status openvswitch
示例命令如下:
[root@superman-21 ~]# systemctl status openvswitch
● openvswitch.service - Open vSwitch
Loaded: loaded (/usr/lib/systemd/system/openvswitch.service; enabled; vendor preset: disabled)
Active: active (exited) since Tue 2023-02-07 17:30:40 CST; 2min 56s ago
Main PID: 2393 (code=exited, status=0/SUCCESS)
2月 07 17:30:40 superman-21 systemd[1]: Starting Open vSwitch...
2月 07 17:30:40 superman-21 systemd[1]: Finished Open vSwitch.
[root@superman-21 ~]#
6.2 配置Open vSwitch网桥
以创建Open vSwitch网桥br0为例,介绍部署方法,使用root用户执行如下命令:
6.2.1 创建Open vSwitch网桥br0
# ovs-vsctl add-br br0
示例命令如下:
[root@superman-21 ~]# ovs-vsctl add-br br0
[root@superman-21 ~]#
查看创建的网桥br0
# ovs-vsctl show
示例命令如下:
[root@superman-21 ~]# ovs-vsctl show
79bc1847-78d1-4fab-871e-c84e020d5922
Bridge "br0"
Port "br0"
Interface "br0"
type: internal
ovs_version: "2.12.4"
[root@superman-21 ~]#
6.2.2 将物理网卡ens33添加到br0
# ovs-vsctl add-port br0 ens33
示例命令如下:
[root@superman-21 ~]# ovs-vsctl add-port br0 ens33
[root@superman-21 ~]#
查看添加物理网卡后br0的配置
用ovs-vsctl show查看当前Linux网桥的配置,ens33已经挂到br0上了
# ovs-vsctl show
示例命令如下:
[root@superman-21 ~]# ovs-vsctl show
79bc1847-78d1-4fab-871e-c84e020d5922
Bridge "br0"
Port "br0"
Interface "br0"
type: internal
Port "ens33"
Interface "ens33"
ovs_version: "2.12.4"
[root@superman-21 ~]#
6.2.3 配置ens33的ip
ens33与网桥连接后,不再需要IP地址,将ens33的IP设置为0.0.0.0。
# ifconfig ens33 0.0.0.0
示例命令如下:
[root@superman-21 ~]# ifconfig ens33 0.0.0.0
[root@superman-21 ~]#
[root@superman-21 ~]# ip add list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet6 fe80::40eb:1165:7034:a230/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff
altname enp2s4
inet 10.0.0.121/24 brd 10.0.0.255 scope global noprefixroute ens36
valid_lft forever preferred_lft forever
inet6 fe80::fbf9:fa7c:9c8a:8f34/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ce:29:02:9c:f2:95 brd ff:ff:ff:ff:ff:ff
5: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
[root@superman-21 ~]#
6.2.4 为OVS网桥br0分配IP
6.2.4.1 DHCP设置
如果有DHCP服务器,可以通过 dhclient 设置动态 IP 地址。
# dhclient br0
示例命令如下:
[root@superman-21 ~]# dhclient br0
[root@superman-21 ~]#
查看DHCP ip设置后的信息
# ip add list
示例命令如下:
[root@superman-21 ~]# ip add list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet6 fe80::40eb:1165:7034:a230/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff
altname enp2s4
inet 10.0.0.121/24 brd 10.0.0.255 scope global noprefixroute ens36
valid_lft forever preferred_lft forever
inet6 fe80::fbf9:fa7c:9c8a:8f34/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ce:29:02:9c:f2:95 brd ff:ff:ff:ff:ff:ff
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.131/24 brd 192.168.1.255 scope global dynamic br0
valid_lft 7255sec preferred_lft 7255sec
inet6 fe80::20c:29ff:fe96:c9d7/64 scope link
valid_lft forever preferred_lft forever
[root@superman-21 ~]#
6.2.4.2 静态ip设置
如果没有 DHCP 服务器,给br0配置静态IP,例如192.168.1.21。
# ifconfig br0 192.168.1.21
示例命令如下:
[root@superman-21 ~]# ifconfig br0 192.168.1.21
[root@superman-21 ~]#
查看静态ip设置后的信息
# ip add list
示例命令如下:
[root@superman-21 ~]# ip add list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master ovs-system state UP group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet6 fe80::40eb:1165:7034:a230/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:96:c9:e1 brd ff:ff:ff:ff:ff:ff
altname enp2s4
inet 10.0.0.121/24 brd 10.0.0.255 scope global noprefixroute ens36
valid_lft forever preferred_lft forever
inet6 fe80::fbf9:fa7c:9c8a:8f34/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether ce:29:02:9c:f2:95 brd ff:ff:ff:ff:ff:ff
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 00:0c:29:96:c9:d7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.21/24 brd 192.168.1.255 scope global br0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe96:c9d7/64 scope link
valid_lft forever preferred_lft forever
[root@superman-21 ~]#
👍 点赞,你的认可是我创作的动力!
⭐️ 收藏,你的青睐是我努力的方向!
✏️ 评论,你的意见是我进步的财富!
