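def add_tunnel(self, tunnel, tunnel_key):
    """Create a VXLAN tunnel port on this switch's bridge for ``tunnel``.

    ``tunnel`` is an "<encapsulation>/<ip>" string. Only the
    "vxlan_over_ipv4" encapsulation is handled, and ``ip`` must be a
    dotted-quad IPv4 address. Anything else is logged and ignored.

    On success the tunnel is recorded in ``self.tunnels[tunnel]`` as
    ``(port_no, tun_name, ip)``, ``add_bfd(ip)`` is called, and a table-0
    flow is installed that resubmits traffic from the new port to table 1.

    Args:
        tunnel: Locator string, e.g. "vxlan_over_ipv4/192.168.16.83".
        tunnel_key: Value written to the interface's ``options:key``.

    Returns:
        None in every case; failures are reported through ``vlog.warn``.
    """
    global tun_id
    # Local import: the file's import block is outside the visible source.
    import socket

    vlog.info("adding tunnel %s" % tunnel)

    # partition() rather than unpacking split("/"): a locator without
    # exactly one "/" must be rejected below, not raise ValueError here.
    encap, _sep, ip = tunnel.partition("/")
    if encap != "vxlan_over_ipv4":
        vlog.warn("unsupported tunnel format %s" % encap)
        return

    # `ip` is interpolated into the ovs-vsctl command strings below, so
    # accept nothing but a strict IPv4 literal. ovs_vsctl() is not visible
    # here; presumably it tokenizes the string, in which case whitespace in
    # `ip` would turn into extra ovs-vsctl arguments.
    try:
        socket.inet_pton(socket.AF_INET, ip)
    except (socket.error, ValueError):
        vlog.warn("invalid tunnel endpoint address in %r" % tunnel)
        return

    # NOTE(review): tunnel_key is interpolated unvalidated as well;
    # presumably the integer Logical_Switch tunnel_key. Confirm at caller.

    # Validation happens before this point so rejected locators do not
    # consume a "vxN" name.
    tun_id += 1
    tun_name = "vx" + str(tun_id)

    ovs_vsctl("add-port %s %s -- set Interface %s type=vxlan "
              "options:key=%s options:remote_ip=%s"
              % (self.short_name, tun_name, tun_name, tunnel_key, ip))

    # Poll up to 10 times, 0.5 s apart, until ofport stops reading "-1".
    for i in range(10):
        port_no = ovs_vsctl("get Interface %s ofport" % tun_name)
        if port_no != "-1":
            break
        elif i == 9:
            # Still no port number on the last attempt: undo the add-port.
            vlog.warn("couldn't create tunnel %s" % tunnel)
            ovs_vsctl("del-port %s %s" % (self.short_name, tun_name))
            return

        # Give the system a moment to allocate the port number
        time.sleep(0.5)

    self.tunnels[tunnel] = (port_no, tun_name, ip)

    add_bfd(ip)

    ovs_ofctl("add-flow %s table=0,priority=1000,in_port=%s,"
              "actions=resubmit(,1)"
              % (self.short_name, port_no))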
[root@kunpeng82 scripts]# ./ovs-vtep -h usage: ovs-vtep [-h] [--root-prefix DIR] [--version] [--log-file [LOG_FILE]] [-v [VERBOSE [VERBOSE ...]]] [--detach] [--no-chdir] [--monitor] [--pidfile [PIDFILE]] [--overwrite-pidfile] PS-NAME positional arguments: PS-NAME Name of physical switch. optional arguments: -h, --help show this help message and exit --root-prefix DIR Use DIR as alternate root directory (for testing). --version show program's version number and exit Logging Options: --log-file [LOG_FILE] Enables logging to a file. Default log file is used if LOG_FILE is omitted. -v [VERBOSE [VERBOSE ...]], --verbose [VERBOSE [VERBOSE ...]] Sets logging levels, see ovs-vswitchd(8). Defaults to dbg. Daemon Options: --detach Run in background as a daemon. --no-chdir Do not chdir to '/'. --monitor Monitor ovs-vtep process. --pidfile [PIDFILE] Create pidfile (default /var/run/ovs-vtep.pid). --overwrite-pidfile With --pidfile, start even if already running. [root@kunpeng82 scripts]#
[root@kunpeng82 scripts]# vtep-ctl -h vtep-ctl: VTEP configuration utility usage: vtep-ctl [OPTIONS] COMMAND [ARG...] VTEP commands: show print overview of database contents Manager commands: get-manager print the managers del-manager delete the managers [--inactivity-probe=MSECS] set-manager TARGET... set the list of managers to TARGET... Physical Switch commands: add-ps PS create a new physical switch named PS del-ps PS delete PS and all of its ports list-ps print the names of all the physical switches ps-exists PS exit 2 if PS does not exist Port commands: list-ports PS print the names of all the ports on PS add-port PS PORT add network device PORT to PS del-port PS PORT delete PORT from PS Logical Switch commands: add-ls LS create a new logical switch named LS del-ls LS delete LS and all of its ports list-ls print the names of all the logical switches ls-exists LS exit 2 if LS does not exist bind-ls PS PORT VLAN LS bind LS to VLAN on PORT unbind-ls PS PORT VLAN unbind logical switch on VLAN from PORT list-bindings PS PORT list bindings for PORT on PS set-replication-mode LS MODE set replication mode on LS get-replication-mode LS get replication mode on LS Logical Router commands: add-lr LR create a new logical router named LR del-lr LR delete LR list-lr print the names of all the logical routers lr-exists LR exit 2 if LR does not exist MAC binding commands: add-ucast-local LS MAC [ENCAP] IP add ucast local entry in LS del-ucast-local LS MAC del ucast local entry from LS add-mcast-local LS MAC [ENCAP] IP add mcast local entry in LS del-mcast-local LS MAC [ENCAP] IP del mcast local entry from LS clear-local-macs LS clear local mac entries list-local-macs LS list local mac entries add-ucast-remote LS MAC [ENCAP] IP add ucast remote entry in LS del-ucast-remote LS MAC del ucast remote entry from LS add-mcast-remote LS MAC [ENCAP] IP add mcast remote entry in LS del-mcast-remote LS MAC [ENCAP] IP del mcast remote entry from LS clear-remote-macs LS clear remote mac 
entries list-remote-macs LS list remote mac entries Database commands: list TBL [REC] list RECord (or all records) in TBL find TBL CONDITION... list records satisfying CONDITION in TBL get TBL REC COL[:KEY] print values of COLumns in RECord in TBL set TBL REC COL[:KEY]=VALUE set COLumn values in RECord in TBL add TBL REC COL [KEY=]VALUE add (KEY=)VALUE to COLumn in RECord in TBL remove TBL REC COL [KEY=]VALUE remove (KEY=)VALUE from COLumn clear TBL REC COL clear values from COLumn in RECord in TBL create TBL COL[:KEY]=VALUE create and initialize new record destroy TBL REC delete RECord from TBL wait-until TBL REC [COL[:KEY]=VALUE] wait until condition is true Potentially unsafe database commands require --force option. Database commands may reference a row in each table in the following ways: ACL: by UUID ACL_entry: by UUID Arp_Sources_Local: by UUID Arp_Sources_Remote: by UUID Global: by UUID as "." Logical_Binding_Stats: by UUID Logical_Router: by UUID by "name" Logical_Switch: by UUID by "name" Manager: by UUID by "target" Mcast_Macs_Local: by UUID Mcast_Macs_Remote: by UUID Physical_Locator: by UUID Physical_Locator_Set: by UUID Physical_Port: by UUID by "name" Physical_Switch: by UUID by "name" Tunnel: by UUID Ucast_Macs_Local: by UUID Ucast_Macs_Remote: by UUID Options: --db=DATABASE connect to DATABASE (default: unix:/var/run/openvswitch/db.sock) -t, --timeout=SECS wait at most SECS seconds --dry-run do not commit changes to database --oneline print exactly one line of output per command Output formatting options: -f, --format=FORMAT set output formatting to FORMAT ("table", "html", "csv", or "json") -d, --data=FORMAT set table cell output formatting to FORMAT ("string", "bare", or "json") --no-headings omit table heading row --pretty pretty-print JSON in output --bare equivalent to "--format=list --data=bare --no-headings" Logging options: -vSPEC, --verbose=SPEC set logging levels -v, --verbose set maximum verbosity level --log-file[=FILE] enable logging 
to specified FILE (default: /var/log/openvswitch/vtep-ctl.log) --syslog-method=(libc|unix:file|udp:ip:port) specify how to send messages to syslog daemon --syslog-target=HOST:PORT also send syslog msgs to HOST:PORT via UDP --no-syslog equivalent to --verbose=vtep_ctl:syslog:warn Active database connection methods: tcp:HOST:PORT PORT at remote HOST ssl:HOST:PORT SSL PORT at remote HOST unix:FILE Unix domain socket named FILE Passive database connection methods: ptcp:PORT[:IP] listen to TCP PORT on IP pssl:PORT[:IP] listen for SSL on PORT on IP punix:FILE listen on Unix domain socket FILE PKI configuration (required to use SSL): -p, --private-key=FILE file with private key -c, --certificate=FILE file with certificate for private key -C, --ca-cert=FILE file with peer CA certificate SSL options: --ssl-protocols=PROTOS list of SSL protocols to enable --ssl-ciphers=CIPHERS list of SSL ciphers to enable Other options: -h, --help display this help message -V, --version display version information [root@kunpeng82 scripts]#
vtep-ctl add Logical_Switch ls2 tunnel_key=44
ovs-vsctl add-port vtep_bfd bfd192.168.16.83 -- set interface bfd192.168.16.83 type=vxlan options:remote_ip=192.168.16.83 options:key=44
[root@kunpeng82 scripts]# ovs-vsctl show ec7f002f-352c-476c-8348-5f2c86c8194f Bridge "br1" Port "br1" Interface "br1" type: internal Bridge "br0_vtep_ls1" Port "br0_vtep_ls1" Interface "br0_vtep_ls1" type: internal Port "vx1" Interface "vx1" type: vxlan options: {key="33", remote_ip="192.168.16.81"} Port "0100-tortap2-l" Interface "0100-tortap2-l" type: patch options: {peer="0100-tortap2-p"} Port "0000-tortap1-l" Interface "0000-tortap1-l" type: patch options: {peer="0000-tortap1-p"} Bridge "br0_vtep_ls2" Port "0100-tortap3-l" Interface "0100-tortap3-l" type: patch options: {peer="0100-tortap3-p"} Port "br0_vtep_ls2" Interface "br0_vtep_ls2" type: internal Bridge vtep_bfd Port vtep_bfd Interface vtep_bfd type: internal Port "bfd192.168.16.81" Interface "bfd192.168.16.81" type: vxlan options: {remote_ip="192.168.16.81"} Port "bfd192.168.16.83" Interface "bfd192.168.16.83" type: vxlan options: {key="44", remote_ip="192.168.16.83"} Bridge "br0" Port "0100-tortap2-p" Interface "0100-tortap2-p" type: patch options: {peer="0100-tortap2-l"} Port "br0" Interface "br0" type: internal Port "0100-tortap3-p" Interface "0100-tortap3-p" type: patch options: {peer="0100-tortap3-l"} Port "tortap1" tag: 0 Interface "tortap1" Port "tortap3" Interface "tortap3" Port "0000-tortap1-p" Interface "0000-tortap1-p" type: patch options: {peer="0000-tortap1-l"} Port "tortap2" tag: 0 Interface "tortap2" ovs_version: "2.12.0"
[root@kunpeng82 scripts]# vtep-ctl list-remote-macs ls0 ucast-mac-remote mcast-mac-remote unknown-dst -> vxlan_over_ipv4/192.168.16.81 [root@kunpeng82 scripts]# vtep-ctl list-local-macs ls0 ucast-mac-local mcast-mac-local unknown-dst -> vxlan_over_ipv4/192.168.16.81 [root@kunpeng82 scripts]# vtep-ctl add-ucast-remote ls0 d2:40:3e:24:38:f6 192.168.16.83 ----------------------添加一个单播地址 [root@kunpeng82 scripts]# ovs-vsctl show ec7f002f-352c-476c-8348-5f2c86c8194f Bridge "br1" Port "br1" Interface "br1" type: internal Bridge "br0_vtep_ls1" Port "br0_vtep_ls1" Interface "br0_vtep_ls1" type: internal Port "vx1" Interface "vx1" type: vxlan options: {key="33", remote_ip="192.168.16.81"} Port "0100-tortap2-l" Interface "0100-tortap2-l" type: patch options: {peer="0100-tortap2-p"} Port "vx2" Interface "vx2" type: vxlan options: {key="33", remote_ip="192.168.16.83"} ------------------加进来了 key 不是44 Port "0000-tortap1-l" Interface "0000-tortap1-l" type: patch options: {peer="0000-tortap1-p"} Bridge "br0_vtep_ls2" Port "0100-tortap3-l" Interface "0100-tortap3-l" type: patch options: {peer="0100-tortap3-p"} Port "br0_vtep_ls2" Interface "br0_vtep_ls2" type: internal Bridge vtep_bfd Port vtep_bfd Interface vtep_bfd type: internal Port "bfd192.168.16.81" Interface "bfd192.168.16.81" type: vxlan options: {remote_ip="192.168.16.81"} Port "bfd192.168.16.83" Interface "bfd192.168.16.83" type: vxlan options: {key="44", remote_ip="192.168.16.83"} Bridge "br0" Port "0100-tortap2-p" Interface "0100-tortap2-p" type: patch options: {peer="0100-tortap2-l"} Port "br0" Interface "br0" type: internal Port "0100-tortap3-p" Interface "0100-tortap3-p" type: patch options: {peer="0100-tortap3-l"} Port "tortap1" tag: 0 Interface "tortap1" Port "tortap3" Interface "tortap3" Port "0000-tortap1-p" Interface "0000-tortap1-p" type: patch options: {peer="0000-tortap1-l"} Port "tortap2" tag: 0 Interface "tortap2" ovs_version: "2.12.0" [root@kunpeng82 scripts]#
[root@kunpeng82 scripts]# vtep-ctl del-ucast-remote ls0 d2:40:3e:24:38:f6 [root@kunpeng82 scripts]# ovs-vsctl show ec7f002f-352c-476c-8348-5f2c86c8194f Bridge "br1" Port "br1" Interface "br1" type: internal Bridge "br0_vtep_ls1" Port "br0_vtep_ls1" Interface "br0_vtep_ls1" type: internal Port "vx1" Interface "vx1" type: vxlan options: {key="33", remote_ip="192.168.16.81"} Port "0100-tortap2-l" Interface "0100-tortap2-l" type: patch options: {peer="0100-tortap2-p"} Port "0000-tortap1-l" Interface "0000-tortap1-l" type: patch options: {peer="0000-tortap1-p"} Bridge "br0_vtep_ls2" Port "0100-tortap3-l" Interface "0100-tortap3-l" type: patch options: {peer="0100-tortap3-p"} Port "br0_vtep_ls2" Interface "br0_vtep_ls2" type: internal Bridge vtep_bfd Port vtep_bfd Interface vtep_bfd type: internal Port "bfd192.168.16.81" Interface "bfd192.168.16.81" type: vxlan options: {remote_ip="192.168.16.81"} // 另外一个192.168.16.83删了 Bridge "br0" Port "0100-tortap2-p" Interface "0100-tortap2-p" type: patch options: {peer="0100-tortap2-l"} Port "br0" Interface "br0" type: internal Port "0100-tortap3-p" Interface "0100-tortap3-p" type: patch options: {peer="0100-tortap3-l"} Port "tortap1" tag: 0 Interface "tortap1" Port "tortap3" Interface "tortap3" Port "0000-tortap1-p" Interface "0000-tortap1-p" type: patch options: {peer="0000-tortap1-l"} Port "tortap2" tag: 0 Interface "tortap2" ovs_version: "2.12.0" [root@kunpeng82 scripts]#
[root@kunpeng82 scripts]# vtep-ctl add-ucast-remote ls2 d2:40:3e:24:38:f6 192.168.16.83 [root@kunpeng82 scripts]# ovs-vsctl show ec7f002f-352c-476c-8348-5f2c86c8194f Bridge "br1" Port "br1" Interface "br1" type: internal Bridge "br0_vtep_ls1" Port "br0_vtep_ls1" Interface "br0_vtep_ls1" type: internal Port "vx1" Interface "vx1" type: vxlan options: {key="33", remote_ip="192.168.16.81"} Port "0100-tortap2-l" Interface "0100-tortap2-l" type: patch options: {peer="0100-tortap2-p"} Port "0000-tortap1-l" Interface "0000-tortap1-l" type: patch options: {peer="0000-tortap1-p"} Bridge "br0_vtep_ls2" Port "vx3" Interface "vx3" type: vxlan options: {key="44", remote_ip="192.168.16.83"} ---------------------------vxlan44 Port "0100-tortap3-l" Interface "0100-tortap3-l" type: patch options: {peer="0100-tortap3-p"} Port "br0_vtep_ls2" Interface "br0_vtep_ls2" type: internal Bridge vtep_bfd Port vtep_bfd Interface vtep_bfd type: internal Port "bfd192.168.16.81" Interface "bfd192.168.16.81" type: vxlan options: {remote_ip="192.168.16.81"} Port "bfd192.168.16.83" Interface "bfd192.168.16.83" type: vxlan options: {remote_ip="192.168.16.83"} Bridge "br0" Port "0100-tortap2-p" Interface "0100-tortap2-p" type: patch options: {peer="0100-tortap2-l"} Port "br0" Interface "br0" type: internal Port "0100-tortap3-p" Interface "0100-tortap3-p" type: patch options: {peer="0100-tortap3-l"} Port "tortap1" tag: 0 Interface "tortap1" Port "tortap3" Interface "tortap3" Port "0000-tortap1-p" Interface "0000-tortap1-p" type: patch options: {peer="0000-tortap1-l"} Port "tortap2" tag: 0 Interface "tortap2" ovs_version: "2.12.0" [root@kunpeng82 scripts]#
[root@kunpeng82 scripts]# vtep-ctl show 7ad71c45-a370-4718-89cd-c15d142f1fce Physical_Switch "br0" tunnel_ips: ["192.168.16.81"] ----还是只有一个 Physical_Port "tortap1" vlan_bindings: 0="ls0" Physical_Port "tortap2" vlan_bindings: 100="ls0" Physical_Port "tortap3" vlan_bindings: 100="ls2"
vtep-ctl set Physical_Switch br0 tunnel_ips=192.168.16.81
vtep-ctl add-ps br0
vtep-ctl set Physical_Switch br0 tunnel_ips=192.168.16.81,…………
# vtep只能绑定一个bridge,可以添加多个logical switch
vtep-ctl add-ls ls0
vtep-ctl bind-ls br0 p0 100 ls0
vtep-ctl set Logical_Switch ls0 tunnel_key=33
vtep-ctl add-ucast-remote ls0 d2:40:3e:24:38:f6 192.168.16.83
# 添加一个单播地址,每添加一个形成一个Port "vx"