OVS, a new beginning for me - 1

Hello,

This post is essentially the OVS version of kvm-benim-icin-yeni-bir-baslangic-networking-1. Please refer to that post for the terminology as well.

First, let's take a look at which "openvswitch" packages are available on an Ubuntu system.

noroot@kvm-ovs-server1:~$ apt-cache search openvswitch

neutron-plugin-openvswitch – Neutron is a virtual network service for Openstack – Open vSwitch plugin

neutron-plugin-openvswitch-agent – Neutron is a virtual network service for Openstack – Open vSwitch plugin agent

openvswitch-common – Open vSwitch common components

openvswitch-controller – Open vSwitch controller implementation

openvswitch-dbg – Debug symbols for Open vSwitch packages

openvswitch-pki – Open vSwitch public key infrastructure dependency package

openvswitch-switch – Open vSwitch switch implementations

openvswitch-datapath-dkms – Open vSwitch datapath module source – DKMS version

openvswitch-datapath-source – Open vSwitch datapath module source – module-assistant version

openvswitch-ipsec – Open vSwitch GRE-over-IPsec support

openvswitch-test – Open vSwitch test package

python-openvswitch – Python bindings for Open vSwitch

Unlike in the first KVM installation article, I am not installing bridge-utils. It will not be needed, because everything will be done by the OVS utilities (such as ovs-vsctl).

noroot@kvm-ovs-server1:~$ sudo apt-get install qemu-kvm libvirt-bin ubuntu-vm-builder

We remove the libvirt default network so that it does not cause confusion.

noroot@kvm-ovs-server1:~$ sudo virsh net-destroy default

setlocale: No such file or directory

Network default destroyed

noroot@kvm-ovs-server1:~$ sudo virsh net-autostart --disable default

setlocale: No such file or directory

Network default unmarked as autostarted

Since we will use OVS instead of Linux bridge, "ebtables" is not needed, so let's remove it.

noroot@kvm-ovs-server1:~$ dpkg --get-selections | grep ebtables

ebtables install

noroot@kvm-ovs-server1:~$ sudo apt-get remove ebtables

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following packages will be REMOVED:

ebtables

0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.

After this operation, 379 kB disk space will be freed.

Do you want to continue? [Y/n] Y

perl: warning: Setting locale failed.

perl: warning: Please check that your locale settings:

LANGUAGE = (unset),

LC_ALL = (unset),

LC_CTYPE = “UTF-8”,

LANG = “en_US.UTF-8”

are supported and installed on your system.

perl: warning: Falling back to the standard locale (“C”).

locale: Cannot set LC_CTYPE to default locale: No such file or directory

locale: Cannot set LC_ALL to default locale: No such file or directory

(Reading database … 94293 files and directories currently installed.)

Removing ebtables (2.0.10.4-3ubuntu1) …

* Clearing ebtables rulesets                                                                                                                               [ OK ]

Processing triggers for man-db (2.6.7.1-1ubuntu1) …

After the steps above I rebooted the host, to start clean …

Now let's install OVS

It is worth noting here that when you search the web, guides for installing OVS add not only the package below but also "openvswitch-controller" and "openvswitch-datapath". I did not add these at the start. The reason is that, as far as I have seen, "openvswitch-controller" is not used in an OpenStack installation. Normally Open vSwitch instances can connect to a controller, and the MAC information can be learned from these switches, but I am not applying that right now. I am also not installing any "openvswitch-datapath" package; I will come back to this once I understand the datapath concept a bit better, but for the test I did, everything written below was sufficient for now.

noroot@kvm-ovs-server1:~$ sudo apt-get install openvswitch-switch

Reading package lists… Done

Building dependency tree

Reading state information… Done

The following extra packages will be installed:

openvswitch-common

Suggested packages:

openvswitch-datapath-module

The following NEW packages will be installed:

openvswitch-common openvswitch-switch

0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.

Need to get 1308 kB of archives.

After this operation, 6265 kB of additional disk space will be used.

Do you want to continue? [Y/n]

Let's take a look at the logs. The reason I look at the logs is both to have them as a reference and to see that the openvswitch DB has been created.

Log

Dec  7 13:07:28 kvm-ovs-server1 kernel: [  314.178283] openvswitch: Open vSwitch switching datapath

Dec  7 13:07:28 kvm-ovs-server1 ovs-vsctl: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait -- init -- set Open_vSwitch . db-version=7.3.0

Dec  7 13:07:28 kvm-ovs-server1 ovs-vsctl: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait set Open_vSwitch . ovs-version=2.0.2 "external-ids:system-id=\"5935bcf0-e90c-458b-bed4-cf60fdf6852b\"" "system-type=\"Ubuntu\"" "system-version=\"14.04-trusty\""

Let's look at the processes

root      2246     1  0 13:07 ?        00:00:00 ovsdb-server: monitoring pid 2247 (healthy)

root      2247  2246  0 13:07 ?        00:00:00 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSw

root      2256     1  0 13:07 ?        00:00:00 ovs-vswitchd: monitoring pid 2257 (healthy)

root      2257  2256  0 13:07 ?        00:00:00 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --no-chdir --log-file=/var/log/openvswitch/ovs-vs

lsmod output

Note that for now there is no bridge module around 🙂

noroot@kvm-ovs-server1:~$ lsmod | grep open

openvswitch            69940  0

gre                    13796  1 openvswitch

libcrc32c              12644  1 openvswitch

vxlan                  37629  2 be2net,openvswitch

Previously we ran brctl show; now it is ovs-vsctl show

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be  --> This is the UUID of this Open vSwitch instance
    ovs_version: "2.0.2"  --> And this is the version of OVS you are using

As we saw from the version: for OVS 2.3, install Ubuntu 15.x …

There is a database around, OVSDB. It holds the configuration, so that everything can be brought back up from it at startup. Let's look at the tables

noroot@kvm-ovs-server1:~$ sudo ovsdb-client list-tables
Table
————————-
Port
Manager
Bridge
Interface
SSL
IPFIX
Open_vSwitch
Queue
NetFlow
Mirror
QoS
Controller
Flow_Table
sFlow
Flow_Sample_Collector_Set

Let's also look at its contents

noroot@kvm-ovs-server1:~$ sudo ovsdb-client dump
Bridge table
_uuid controller datapath_id datapath_type external_ids fail_mode flood_vlans flow_tables ipfix mirrors name netflow other_config ports protocols sflow status stp_enable
—– ———- ———– ————- ———— ——— ———– ———– —– ——- —- ——- ———— —– ——— —– —— ———-

Controller table
_uuid connection_mode controller_burst_limit controller_rate_limit enable_async_messages external_ids inactivity_probe is_connected local_gateway local_ip local_netmask max_backoff other_config role status target
—– ————— ———————- ——————— ——————— ———— —————- ———— ————- ——– ————- ———– ———— —- —— ——

Flow_Sample_Collector_Set table
_uuid bridge external_ids id ipfix
—– —— ———— — —–

Flow_Table table
_uuid flow_limit groups name overflow_policy
—– ———- —— —- —————

IPFIX table
_uuid cache_active_timeout cache_max_flows external_ids obs_domain_id obs_point_id sampling targets
—– ——————– ————— ———— ————- ———— ——– ——-

Interface table
_uuid admin_state bfd bfd_status cfm_fault cfm_fault_status cfm_health cfm_mpid cfm_remote_mpids cfm_remote_opstate duplex external_ids ifindex ingress_policing_burst ingress_policing_rate lacp_current link_resets link_speed link_state mac mac_in_use mtu name ofport ofport_request options other_config statistics status type
—– ———– — ———- ——— —————- ———- ——– —————- —————— —— ———— ——- ———————- ——————— ———— ———– ———- ———- — ———- — —- —— ————– ——- ———— ———- —— —-

Manager table
_uuid connection_mode external_ids inactivity_probe is_connected max_backoff other_config status target
—– ————— ———— —————- ———— ———– ———— —— ——

Mirror table
_uuid external_ids name output_port output_vlan select_all select_dst_port select_src_port select_vlan statistics
—– ———— —- ———– ———– ———- ————— ————— ———– ———-

NetFlow table
_uuid active_timeout add_id_to_interface engine_id engine_type external_ids targets
—– ————– ——————- ——— ———– ———— ——-

Open_vSwitch table
_uuid                                bridges cur_cfg db_version external_ids                                       manager_options next_cfg other_config ovs_version ssl statistics system_type system_version
———————————— ——- ——- ———- ————————————————– ————— ——– ———— ———– — ———- ———– ————–
4d2bc225-4cd5-4344-84c1-1d39a5fa73be []      0       “7.3.0”    {system-id=”5935bcf0-e90c-458b-bed4-cf60fdf6852b”} []              0        {}           “2.0.2”     []  {}         Ubuntu      “14.04-trusty”

Port table
_uuid bond_downdelay bond_fake_iface bond_mode bond_updelay external_ids fake_bridge interfaces lacp mac name other_config qos statistics status tag trunks vlan_mode
—– ————– ————— ——— ———— ———— ———– ———- —- — —- ———— — ———- —— — —— ———

QoS table
_uuid external_ids other_config queues type
—– ———— ———— —— —-

Queue table
_uuid dscp external_ids other_config
—– —- ———— ————

SSL table
_uuid bootstrap_ca_cert ca_cert certificate external_ids private_key
—– —————– ——- ———– ———— ———–

sFlow table
_uuid agent external_ids header polling sampling targets
—– —– ———— —— ——- ——– ——-

Now let's create our first OVS bridge

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl add-br bridge1

Let's see right away what has changed …

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"  --> vswitch
        Port "bridge1"
            Interface "bridge1"  --> Bridge interface; if desired/needed, you can assign an IP to the bridge interface.
                type: internal
    ovs_version: "2.0.2"

The brctl output shows nothing …

noroot@kvm-ovs-server1:~$ brctl show
bridge name    bridge id        STP enabled    interfaces

But when we added the first bridge, the bridge module got loaded

noroot@kvm-ovs-server1:~$ lsmod | grep bridge
bridge                116198  0
stp                    12976  1 bridge
llc                    14396  2 stp,bridge

Now let's attach our physical interface to the bridge (by the way, virtual interfaces are added the same way)

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl add-port bridge1 em2

Let's see right away what has changed …

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"
        Port "em2"
            Interface "em2"
        Port "bridge1"
            Interface "bridge1"
                type: internal
    ovs_version: "2.0.2"

Let's look at the interfaces created on the system so far

noroot@kvm-ovs-server1:~$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 00:17:a4:77:0c:04 brd ff:ff:ff:ff:ff:ff
3: em2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master ovs-system state UP mode DEFAULT group default qlen 1000
link/ether 00:17:a4:77:0c:06 brd ff:ff:ff:ff:ff:ff
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default
link/ether 26:60:82:18:c0:4f brd ff:ff:ff:ff:ff:ff
5: bridge1: <BROADCAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default
link/ether 00:17:a4:77:0c:06 brd ff:ff:ff:ff:ff:ff

Key point: OVS means trunk, means 4K VLANs. So, as in the example above, the "em2" interface we added must be configured as a trunk on the physical switch it is connected to.

Now let's create a VM as before …

sudo ubuntu-vm-builder kvm trusty --addpkg linux-image-generic --addpkg openssh-server --arch amd64 --hostname server5 --dest server5 --libvirt qemu:///system --bridge bridge1 --mem 1024 --cpu 1 --ip xxx.xxx.xxx.xxx --mask 255.255.255.224 --net yyy.yyy.yyy.yyy --bcast z --gw zzz.zzz.zzz.zzz --dns 8.8.8.8;

One thing to watch out for here: when OVS is used, the VM interface configuration is (slightly) different

noroot@kvm-ovs-server1:~$ sudo virsh start server5
setlocale: No such file or directory
error: Failed to start domain server5
error: Unable to add bridge bridge1 port vnet0: Operation not supported

Oops, we got the error above; what we need to change is below

noroot@kvm-ovs-server1:~$ sudo virsh edit server5
setlocale: No such file or directory
Domain server5 XML configuration edited.

We add the part in bold (the virtualport element)

<interface type='bridge'>
  <mac address='52:54:00:a0:c1:81'/>
  <source bridge='bridge1'/>
  <virtualport type='openvswitch'>
  </virtualport>

Save and exit (wq!)

Then look again: an interface has appeared. This is actually veth0, a familiar one,

<interface type='bridge'>
  <mac address='52:54:00:a0:c1:81'/>
  <source bridge='bridge1'/>
  <virtualport type='openvswitch'>
    <parameters interfaceid='4b25e7e1-7db2-4133-a8b8-0c050f4983d2'/>
  </virtualport>

Good, let's start it

noroot@kvm-ovs-server1:~$ sudo virsh start server5
setlocale: No such file or directory
Domain server5 started

noroot@kvm-ovs-server1:~$ sudo virsh list
setlocale: No such file or directory
Id    Name                           State
—————————————————-
3     server5                        running

vnet0 has appeared (automatically) …

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"
        Port "em2"
            Interface "em2"
        Port "vnet0"
            Interface "vnet0"
        Port "bridge1"
            Interface "bridge1"
                type: internal
    ovs_version: "2.0.2"

Perhaps I should have written this earlier, but OVS is a trunk and em2 is a trunk; in that case one more small addition is needed so that the VM's vnet0 interface can work untagged 🙂

<interface type='bridge'>
  <mac address='52:54:00:a0:c1:81'/>
  <source bridge='bridge1'/>
  <vlan>
    <tag id='497'/>
  </vlan>
  <virtualport type='openvswitch'>
    <parameters interfaceid='4b25e7e1-7db2-4133-a8b8-0c050f4983d2'/>
  </virtualport>

Now let's look once more

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"
        Port "em2"
            Interface "em2"
        Port "vnet0"
            tag: 497
            Interface "vnet0"
        Port "bridge1"
            Interface "bridge1"
                type: internal
    ovs_version: "2.0.2"
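
The default this section runs into, as an added audit example (not from the original post): an OVS port with no tag and no trunks list is a trunk that sees every VLAN on the bridge, which is why vnet0 needed tag 497. The script parses `ovs-vsctl show` text and reports such ports outside an allow-list; the sample input is constructed from the listings above, and the untagged vnet1 port and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample of `ovs-vsctl show` output; vnet1 is a hypothetical
# second VM port that was attached without a VLAN tag.
sample_show() {
cat <<'EOF'
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"
        Port "em2"
            Interface "em2"
        Port "vnet0"
            tag: 497
            Interface "vnet0"
        Port "vnet1"
            Interface "vnet1"
        Port "bridge1"
            Interface "bridge1"
                type: internal
    ovs_version: "2.0.2"
EOF
}

# Read `ovs-vsctl show` text on stdin, print "bridge port mode" per port.
# mode: access:<vlan>, trunk:[list], or trunk:all when neither is set.
port_modes() {
    awk '
        function emit() { if (port != "") print bridge, port, mode }
        { gsub(/"/, "") }
        $1 == "Bridge" { emit(); port = ""; bridge = $2 }
        $1 == "Port"   { emit(); port = $2; mode = "trunk:all" }
        $1 == "tag:"   { mode = "access:" $2 }
        $1 == "trunks:" && mode == "trunk:all" {
            sub(/^.*trunks: */, ""); gsub(/ /, ""); mode = "trunk:" $0
        }
        END { emit() }
    '
}

# Print bridge/port for every port that sees all VLANs, except the names
# in the space-separated allow-list $1 (uplink, bridge internal port).
unexpected_trunks() {
    allow=" $1 "
    port_modes | while read -r bridge port mode; do
        [ "$mode" = "trunk:all" ] || continue
        case "$allow" in *" $port "*) continue ;; esac
        echo "$bridge/$port"
    done
}

sample_show | unexpected_trunks "em2 bridge1"
```

On a live host the same check is `sudo ovs-vsctl show | unexpected_trunks "em2 bridge1"`, with the allow-list set to the ports that are meant to be trunks.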

If this VM had access to more than one VLAN, we could have configured it as below. This is for information only; I did not apply the settings below …

<vlan trunk='yes'>
  <tag id='2102'/>
  <tag id='2103'/>
  <tag id='2110'/>
  <tag id='2999'/>
  <tag id='3000'/>
</vlan>

Now let's take this a bit further: if we tried to do from the CLI what libvirt does, how would we do it?

noroot@kvm-ovs-server1:~$ sudo ovs-vsctl add-port bridge1 biziminterface01 tag=4000
[sudo] password for noroot:
noroot@kvm-ovs-server1:~$ sudo ovs-vsctl show
4d2bc225-4cd5-4344-84c1-1d39a5fa73be
    Bridge "bridge1"
        Port "em2"
            Interface "em2"
        Port "vnet0"
            tag: 497
            Interface "vnet0"
        Port "biziminterface01"
            tag: 4000
            Interface "biziminterface01"
        Port "bridge1"
            Interface "bridge1"
                type: internal
    ovs_version: "2.0.2"

To see the bridge's MAC table

noroot@kvm-ovs-server1:~$ sudo ovs-appctl fdb/show bridge1
port  VLAN  MAC                Age
1   497  00:24:38:99:bf:00    1
6   497  52:54:00:a0:c1:81    1

Good links I read

The difference between ifconfig and ifup
https://access.redhat.com/solutions/27166

Creating an OVS bridge and ports
http://blog.scottlowe.org/2012/08/17/installing-kvm-and-open-vswitch-on-ubuntu/
http://blog.allanglesit.com/2012/10/linux-kvm-ubuntu-12-10-with-openvswitch/

Virtualized Networking With OpenvSwitch

https://fredhsu.wordpress.com/2013/10/15/ovsdb-client-in-python/

Lovely

http://www.opencloudblog.com/?p=177

VM

 

 

Posted on 07/12/2015, in OVS.
