Ссылки:
|
1 2 3 4 5 |
http://www.openvswitch.org/support/ovscon2016/8/1450-mysore.pdf https://docs.faucet.nz/en/latest/installation.html https://github.com/faucetsdn/faucet https://gist.github.com/cyrenity/397c6baebdc20d9a9e377523f256620e https://github.com/wandsdn/sc18-ansible |
Установка faucet:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
### https://docs.faucet.nz/en/latest/installation.html#faucet-apt-install sudo apt-get install curl gnupg apt-transport-https lsb-release echo "deb https://packagecloud.io/faucetsdn/faucet/$(lsb_release -si | awk '{print tolower($0)}')/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/faucet.list sudo curl -1sLf https://packagecloud.io/faucetsdn/faucet/gpgkey -o /etc/apt/trusted.gpg.d/faucet.asc sudo apt-get update sudo apt-get install faucet-all-in-one sudo apt-get install faucet sudo apt-get install gauge ### Настройка Prometheus vim /etc/default/prometheus --------------------------- ... ARGS="--config.file=/etc/faucet/prometheus/prometheus.yml" ... --------------------------- systemctl restart prometheus.service ### настройка grafana sudo systemctl daemon-reload sudo systemctl enable grafana-server sudo systemctl start grafana-server Сначала загрузите http://localhost:3000 в свой веб-браузер (по умолчанию и имя пользователя, и пароль admin). Веб-интерфейс сначала предложит нам добавить источник данных. Используйте следующие настройки: Name: Prometheus Type: Prometheus URL: http://localhost:9090 Нажмите: Save & Test Далее мы хотим добавить несколько информационных панелей, чтобы позже мы могли просматривать показатели из крана. Наведите курсор на + кнопку на левой боковой панели в веб-интерфейсе и нажмите Import https://docs.faucet.nz/en/latest/_static/grafana-dashboards/faucet_instrumentation.json https://docs.faucet.nz/en/latest/_static/grafana-dashboards/faucet_inventory.json https://docs.faucet.nz/en/latest/_static/grafana-dashboards/faucet_port_statistics.json |
Настройка сервера faucet:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 |
### https://docs.faucet.nz/en/latest/tutorials/first_time.html ### https://docs.faucet.nz/en/latest/configuration.html#configuration-options Готовим конфиг faucet: vim /etc/faucet/faucet.yaml ---------------------- --- include: - acls.yaml vlans: office: vid: 100 description: "office network" acls_in: [office-vlan-protect] dps: sw0: dp_id: 0x4 hardware: "Open vSwitch" interfaces: 5: name: "5" description: "in5" native_vlan: office 6: name: "6" description: "in6" native_vlan: office sw1: dp_id: 0x1 hardware: "Open vSwitch" interfaces: 2: name: "2" description: "in2" native_vlan: office 3: name: "3" description: "in3" native_vlan: office sw2: dp_id: 0x2 hardware: "Open vSwitch" interfaces: 2: name: "2" description: "in2" native_vlan: office 3: name: "3" description: "in3" native_vlan: office sw3: dp_id: 0x3 hardware: "Open vSwitch" interfaces: 6: name: "6" description: "in6" native_vlan: office 7: name: "7" description: "in7" native_vlan: office 8: name: "8" description: "in8" native_vlan: office 9: name: "9" description: "in9" native_vlan: office ---------------------- vim /etc/faucet/acls.yaml ------------------------- --- acls: office-vlan-protect: # Prevent IPv4 communication betwen Office/Guest networks - rule: actions: allow: 1 # allow ------------------------- Проверяем на ошибки конфиг faucet: check_faucet_config /etc/faucet/faucet.yaml Логи: tail /var/log/faucet/faucet.log journalctl -u faucet.service Конфиг /etc/faucet/gauge.yaml отвечает за мониторинг faucet(grafana и prometheus). |
Настройка openwswitch на клиентах:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
### https://docs.faucet.nz/en/latest/vendors/ovs/faucet_testing_with_OVS_on_hardware.html?highlight=openvswitch#commands-on-open-vswitch Установка пакетов: apt-get install openvswitch-switch systemctl status openvswitch-switch.service Создание бриджа и добавление портов: ovs-vsctl add-br ovsbr0 ovs-vsctl add-port ovsbr0 ens3 -- set Interface ens3 ofport_request=1 ovs-vsctl add-port ovsbr0 ens4 -- set Interface ens4 ofport_request=2 ovs-vsctl add-port ovsbr0 ens5 -- set Interface ens5 ofport_request=3 ovs-vsctl add-port ovsbr0 ens6 -- set Interface ens6 ofport_request=4 ovs-vsctl set-fail-mode ovsbr0 secure ovs-vsctl set bridge ovsbr0 protocols=OpenFlow13,OpenFlow10 ovs-vsctl set-controller ovsbr0 tcp:172.16.0.1:6636 tcp:172.16.0.1:6637 Получаем инфу по клиенту: ovs-vsctl get bridge ovsbr0 datapath_id ovs-vsctl show Изменить настройку fail_mode: ovs-vsctl set bridge ovsbr0 fail_mode=standalone ovs-vsctl set bridge ovsbr0 fail_mode=secure Очистить настройку fail_mode: ovs-vsctl clear bridge ovsbr0 fail_mode Сменить datapath_id( 0x2 и 0x1 ): ovs-vsctl set bridge ovsbr0 other-config:datapath-id=0000000000000001 ovs-vsctl set bridge ovsbr0 other-config:datapath-id=0000000000000002 Показать информацию о бридже и портах: ovs-vsctl get Interface ens4 ofport_request ovs-vsctl show ovs-vsctl list port ovs-vsctl list port ovsbr0 ovs-ofctl show ovsbr0 ovs-ofctl dump-tables ovsbr0 ovs-ofctl dump-flows ovsbr0 ovs-ofctl queue-get-config ovsbr0 ovs-vsctl get-controller br0 ovsdb-tool show-log ovs-dpctl show ovsdb-client dump Сброс ovs: ovs-vsctl emer-reset |
Удачное подключение выглядит так:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
#### Так вот # ovs-vsctl show 55432938-4f67-49b2-983e-bf0bb9f73336 Bridge ovsbr0 Controller "tcp:172.16.0.1:6637" is_connected: true Controller "tcp:172.16.0.1:6636" is_connected: true ### Если нет проверяем соответствие портов vim /etc/default/faucet vim /etc/default/gauge ## ss -tpln ## Логи: tail /var/log/faucet/faucet.log journalctl -u faucet.service |
