
11. Configuring switching in the COD on SW-COD

Source: http://altlinuxmetod.ru/?page_id=385

SW-COD:

  • Set the hostname:

hostnamectl set-hostname sw-cod.au.team; exec bash

  • User setup: create the user:

useradd net_admin

  • Set the user's password:

passwd net_admin

  • The result should look like this:

[root@sw-cod ~]# passwd net_admin
passwd: updating all authentication tokens for user net_admin.

You can now choose the new password or passphrase.

A valid password should be a mix of upper and lower case letters, digits, and
other characters. You can use a password containing at least 7 characters
from all of these classes, or a password containing at least 8 characters
from just 3 of these 4 classes.
An upper case letter that begins the password and a digit that ends it do not
count towards the number of character classes used.

A passphrase should be of at least 3 words, 11 to 72 characters long, and
contain enough different characters.

Alternatively, if no one else can see your terminal now, you can pick this as
your password: "Geneva+Clasp-Aside".

Enter new password:
Weak password: based on a dictionary word and not a passphrase.
Re-type new password:
passwd: all authentication tokens updated successfully.

  • Add the user to the wheel group:

usermod -aG wheel net_admin

  • Configure sudo for the user:

echo "net_admin ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers

  • Verify:

sw-cod login: net_admin
Password:
[net_admin@sw-cod ~]$ sudo hostname -f
sw-cod.au.team
[net_admin@sw-cod ~]$ exit
выход


Welcome to ALT Server 11.0 (Mendelevium)!
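
The rule appended to /etc/sudoers above lets net_admin run any command as root without a password, so it is useful to be able to list every account that holds such a rule. The script below is an added example, not part of the original article; the function names and the sample sudoers text (including the backup account) are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): find sudoers rules that grant
# every command without a password, like the net_admin rule appended above.

# Reads sudoers text on stdin, prints "<line>:<principal>" for each match.
# Assumptions: one rule per line (no "\" continuations), aliases not expanded.
audit_nopasswd_all() {
    awk '
        /^[ \t]*(#|$)/ { next }                           # comments, #include*, blanks
        /^[ \t]*(Defaults|[A-Za-z]+_Alias)/ { next }      # not user specifications
        {
            eq = index($0, "="); if (eq == 0) next
            spec = substr($0, eq + 1)
            sub(/^[ \t]*(\([^)]*\))?[ \t]*/, "", spec)    # drop optional (runas)
            nopass = 0
            while (match(spec, /^[A-Z_]+:[ \t]*/)) {      # peel leading TAG: tokens
                if (substr(spec, 1, RLENGTH) ~ /^NOPASSWD:/) nopass = 1
                spec = substr(spec, RLENGTH + 1)
            }
            if (nopass && spec ~ /^ALL[ \t]*(,|$)/) print NR ":" $1
        }
    '
}

# Constructed sample; only the net_admin line mirrors the rule from this page.
sample_sudoers() {
    cat <<'EOF'
# constructed sample, not taken from the host on this page
Defaults env_reset
root ALL=(ALL:ALL) ALL
%wheel ALL=(ALL) ALL
net_admin ALL=(ALL:ALL) NOPASSWD: ALL
backup ALL=(root) NOPASSWD: /usr/bin/rsync
EOF
}

sample_sudoers | audit_nopasswd_all    # as root: audit_nopasswd_all < /etc/sudoers
```

The backup rule is not reported because its NOPASSWD tag covers a single command rather than ALL.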

  • Configure a temporary IP address for installing openvswitch:

ip addr add 172.16.1.0/23 dev ens19
ip route add 0.0.0.0/0 via 172.16.1.254
echo "nameserver 77.88.8.8" > /etc/resolv.conf

  • Install the openvswitch package:

apt-get update && apt-get install -y openvswitch

  • Enable the openvswitch service and add it to autostart; also make settings created with the ovs-vsctl utility persistent,
    then reboot the virtual machine:

systemctl enable --now openvswitch
sed -i "s/OVS_REMOVE=yes/OVS_REMOVE=no/g" /etc/net/ifaces/default/options
reboot

  • Configure switching: bring up all existing network interfaces:

echo "TYPE=eth" > /etc/net/ifaces/ens19/options
cp -r /etc/net/ifaces/ens{19,20}/
cp -r /etc/net/ifaces/ens{19,21}/
cp -r /etc/net/ifaces/ens{19,22}/
cp -r /etc/net/ifaces/ens19 /etc/net/ifaces/enp2s29
cp -r /etc/net/ifaces/ens19 /etc/net/ifaces/enp3s12
systemctl restart network

  • Verify:

[root@sw-cod ~]# ip -c -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
ens19 UP fe80::be24:11ff:febf:d8fb/64
ens20 UP fe80::be24:11ff:fe41:8167/64
ens21 UP fe80::be24:11ff:fe0d:fa1f/64
ens22 UP fe80::be24:11ff:fe76:cab8/64
enp2s29 UP fe80::be24:11ff:fe7e:9a42/64
enp3s12 UP fe80::be24:11ff:fefd:469d/64

  • Create a switch named sw-cod:

ovs-vsctl add-br sw-cod

  • Add all interfaces to the sw-cod switch:

ovs-vsctl add-port sw-cod ens19
ovs-vsctl add-port sw-cod ens20
ovs-vsctl add-port sw-cod ens21
ovs-vsctl add-port sw-cod ens22
ovs-vsctl add-port sw-cod enp2s29
ovs-vsctl add-port sw-cod enp3s12

  • Verify:

[root@sw-cod ~]# ovs-vsctl show
43b9c49d-4803-4df5-9b65-bd8efab074d0
    Bridge sw-cod
        Port enp2s29
            Interface enp2s29
        Port sw-cod
            Interface sw-cod
                type: internal
        Port ens19
            Interface ens19
        Port ens21
            Interface ens21
        Port ens22
            Interface ens22
        Port enp3s12
            Interface enp3s12
        Port ens20
            Interface ens20
    ovs_version: "3.3.8"
[root@sw-cod ~]#

  • Create a management port for assigning the IP address:

mkdir /etc/net/ifaces/mgmt

cat <<EOF > /etc/net/ifaces/mgmt/options
TYPE=ovsport
BOOTPROTO=static
CONFIG_IPv4=yes
BRIDGE=sw-cod
EOF

echo "172.16.1.0/23" > /etc/net/ifaces/mgmt/ipv4address
echo "default via 172.16.1.254" > /etc/net/ifaces/mgmt/ipv4route
echo "search au.team" > /etc/net/ifaces/mgmt/resolv.conf
echo "nameserver 10.1.1.10" >> /etc/net/ifaces/mgmt/resolv.conf
systemctl restart network

  • Verify:

[root@sw-cod ~]# ip -c -br -4 a
lo UNKNOWN 127.0.0.1/8
mgmt UNKNOWN 172.16.1.0/23
[root@sw-cod ~]# ip -c r
default via 172.16.1.254 dev mgmt
172.16.0.0/23 dev mgmt proto kernel scope link src 172.16.1.0
[root@sw-cod ~]# cat /etc/resolv.conf
# Generated by resolvconf
# Do not edit manually, use
# /etc/net/ifaces/<interface>/resolv.conf instead.
search au.team
nameserver 10.1.1.10
[root@sw-cod ~]# ovs-vsctl show
43b9c49d-4803-4df5-9b65-bd8efab074d0
    Bridge sw-cod
        Port enp2s29
            Interface enp2s29
        Port sw-cod
            Interface sw-cod
                type: internal
        Port ens19
            Interface ens19
        Port mgmt
            Interface mgmt
                type: internal
        Port ens21
            Interface ens21
        Port ens22
            Interface ens22
        Port enp3s12
            Interface enp3s12
        Port ens20
            Interface ens20
    ovs_version: "3.3.8"
[root@sw-cod ~]# ping -c3 77.88.8.8
PING 77.88.8.8 (77.88.8.8) 56(84) bytes of data.
64 bytes from 77.88.8.8: icmp_seq=1 ttl=54 time=71.8 ms
64 bytes from 77.88.8.8: icmp_seq=2 ttl=54 time=70.3 ms
64 bytes from 77.88.8.8: icmp_seq=3 ttl=54 time=68.6 ms

--- 77.88.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 68.591/70.221/71.815/1.316 ms
[root@sw-cod ~]#
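
The ovs-vsctl show checks above are read by eye; the script below turns them into a repeatable check that bridge sw-cod carries exactly the ports this procedure adds. It is an added example, not part of the original article: the function names are hypothetical and the sample input is constructed from the final state shown above plus one stray port, tap0.

```sh
#!/bin/sh
# Added example (not from the original page): check that bridge sw-cod holds
# exactly the ports this procedure adds, so a stray port is noticed.

EXPECTED="ens19 ens20 ens21 ens22 enp2s29 enp3s12 mgmt sw-cod"

# Reads `ovs-vsctl show` text on stdin; prints "<bridge> <port> <type>" per port.
# A port with no "type:" line is reported as "system" (a physical/kernel device).
ovs_ports() {
    awk '
        function emit() {
            if (port != "") print bridge, port, (kind == "" ? "system" : kind)
            port = ""; kind = ""
        }
        $1 == "Bridge" { emit(); bridge = $2 }
        $1 == "Port"   { emit(); port = $2 }
        $1 == "type:"  { kind = $2 }
        END { emit() }
    ' | tr -d '"'
}

# Prints "missing <port>" or "unexpected <port>" for bridge $1; no output means a match.
check_bridge() {
    actual=$(ovs_ports | awk -v b="$1" '$1 == b { print $2 }')
    for p in $EXPECTED; do
        echo "$actual" | grep -qx -- "$p" || echo "missing $p"
    done
    for p in $actual; do
        case " $EXPECTED " in *" $p "*) ;; *) echo "unexpected $p" ;; esac
    done
}

# Constructed input: the final state shown on this page plus one stray port, tap0.
sample_show() {
    echo "    Bridge sw-cod"
    for p in ens19 ens20 ens21 ens22 enp2s29 enp3s12 tap0; do
        printf '        Port %s\n            Interface %s\n' "$p" "$p"
    done
    for p in mgmt sw-cod; do
        printf '        Port %s\n            Interface %s\n                type: internal\n' "$p" "$p"
    done
}

sample_show | check_bridge sw-cod    # on the switch: ovs-vsctl show | check_bridge sw-cod
```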