What is Open vSwitch?

Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license.  It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag).  In addition, it is designed to support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V. See full feature list here

Why Open vSwitch?

https://github.com/openvswitch/ovs/blob/master/Documentation/intro/why-ovs.rst

OVN:

http://www.openvswitch.org/support/dist-docs/ovn-architecture.7.html

                                      CMS
                                       |
                                       |
                           +-----------|-----------+
                           |           |           |
                           |     OVN/CMS Plugin    |
                           |           |           |
                           |           |           |
                           |   OVN Northbound DB   |
                           |           |           |
                           |           |           |
                           |       ovn-northd      |
                           |           |           |
                           +-----------|-----------+
                                       |
                                       |
                             +-------------------+
                             | OVN Southbound DB |
                             +-------------------+
                                       |
                                       |
                    +------------------+------------------+
                    |                  |                  |
      HV 1          |                  |    HV n          |
    +---------------|---------------+  .  +---------------|---------------+
    |               |               |  .  |               |               |
    |        ovn-controller         |  .  |        ovn-controller         |
    |         |          |          |  .  |         |          |          |
    |         |          |          |     |         |          |          |
    |  ovs-vswitchd   ovsdb-server  |     |  ovs-vswitchd   ovsdb-server  |
    |                               |     |                               |
    +-------------------------------+     +-------------------------------+

Before continuing, it is best to understand namespaces first:

[cloud][sdn] network namespace

The following two Chinese-language introductions cover similar ground; neither is particularly well written.

http://fishcried.com/2016-02-09/openvswitch-ops-guide/

https://blog.kghost.info/2014/11/19/openvswitch-internal/

This one leans toward practical guidance and is well written:

https://www.ibm.com/developerworks/cn/cloud/library/1401_zhaoyi_openswitch/

Building from source:

Documentation: https://docs.openvswitch.org/en/latest/intro/install/general/

Note that the procedure differs depending on whether the kernel module is built as well.

    [root@D128 thirdparty]# git clone https://github.com/openvswitch/ovs.git
    [root@D128 ovs]# git checkout v2.7.0
    [root@D128 ovs]# yum install autoconf automake libtool
    [root@D128 ovs]# ./boot.sh
    [root@D128 ovs]# ./configure --prefix=/root/BUILD_ovs/
    [root@D128 ovs]# make
    [root@D128 ovs]# make install

The build above does not include the kernel module...

Let's build the kernel module as well!

    [root@D128 ovs]# yum install kernel-devel-$(uname -r)
    [root@D128 ovs]# ./configure --prefix=/root/BUILD_ovs/ --with-linux=/lib/modules/$(uname -r)/build
    [root@D128 ovs]# uname -a
    Linux D128 3.10.-.el7.x86_64 # SMP Tue Aug :: UTC x86_64 x86_64 x86_64 GNU/Linux

The kernel is too old and the build fails. Downgrading to v2.6.0:

    [root@D128 ovs]# git checkout v2.6.0
    Previous HEAD position was c298ef7... Set release date for 2.7..
    HEAD is now at 7a0f907... Set release date for 2.6..
    [root@D128 ovs]# git branch
    * (detached from v2.6.0)
      master
    [root@D128 ovs]#

It still does not build. To get it to compile, you have to find versions that are compatible with each other. Never mind, I will just use the .ko that ships with CentOS (this is only a learning exercise anyway; hopefully it is compatible enough to run)...

    [root@D128 ovs]# modprobe openvswitch
    [root@D128 ovs]# lsmod|grep openvswitch
    openvswitch
    nf_nat_ipv6 openvswitch
    nf_nat_ipv4 openvswitch
    nf_defrag_ipv6 openvswitch,nf_conntrack_ipv6
    nf_nat openvswitch,nf_nat_ipv4,nf_nat_ipv6
    nf_conntrack openvswitch,nf_nat,nf_nat_ipv4,nf_nat_ipv6,nf_conntrack_ipv4,nf_conntrack_ipv6
    libcrc32c xfs,openvswitch,nf_nat,nf_conntrack
    [root@D128 ovs]#

Running:

    [root@D128 ovs]# export PATH=$PATH:/root/BUILD_ovs/share/openvswitch/scripts/
    [root@D128 ~]# ovs-ctl --system-id=random start
    Starting ovsdb-server [ OK ]
    Configuring Open vSwitch system IDs [ OK ]
    Starting ovs-vswitchd [ OK ]
    Enabling remote OVSDB managers [ OK ]
    [root@D128 ~]#

A default database should have been created and initialized by now.

Testing:

    [root@D128 BUILD_ovs]# ip link
    : lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
        link/loopback ::::: brd :::::
    : ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
        link/ether :0c::2f:cf: brd ff:ff:ff:ff:ff:ff
    [root@D128 BUILD_ovs]# ./bin/ovs-vsctl add-br br0
    [root@D128 BUILD_ovs]# ip link
    : lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
        link/loopback ::::: brd :::::
    : ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
        link/ether :0c::2f:cf: brd ff:ff:ff:ff:ff:ff
    3: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
        link/ether 92:e5:c6:d2:ec:a2 brd ff:ff:ff:ff:ff:ff
    4: br0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
        link/ether be:e8:bd:df:ff:41 brd ff:ff:ff:ff:ff:ff
    [root@D128 BUILD_ovs]# ./bin/ovs-vsctl add-port br0 ens33
    [root@D128 BUILD_ovs]# brctl show
    bridge name bridge id STP enabled interfaces
    [root@D128 BUILD_ovs]#

What are the two devices that ovs-vsctl add-br added?

I wrote a script to find out:

    [root@D128 ~]# cat ip_link_show_type.sh
    #!/bin/bash

    TYPE=" vlan veth vcan dummy ifb macvlan macvtap bridge bond ipoib ip6tnl ipip sit vxlan gre gretap ip6gre ip6gretap vti nlmon bond_slave geneve bridge_slave macsec"

    # List the interfaces of each link type in turn.
    for T in $TYPE
    do
        echo "$T"
        ip link show type "$T"
    done

Surprisingly, they do not belong to any of these types...

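Although it does not answer the question directly, the answer to the following FAQ entry makes it easy to understand:

It also explains how KVM tap devices work together with OVS and what to watch out for.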

https://github.com/openvswitch/ovs/blob/master/Documentation/faq/issues.rst

Q: I created a tap device tap0, configured an IP address on it, and added it to a bridge, like this:

Roughly speaking, the OVS bridge and the OVS internal port are two special device types implemented by OVS itself.

An error:

    [root@D128 BUILD_ovs]# ./bin/ovs-vsctl add-port br0 p0
    ovs-vsctl: Error detected while setting up 'p0': could not open network device p0 (No such device). See ovs-vswitchd log for details.
    ovs-vsctl: The default log directory is "/root/BUILD_ovs/var/log/openvswitch".
    [root@D128 BUILD_ovs]#

It has to be done like this:

https://github.com/openvswitch/ovs-issues/issues/110

The port's name should be an existing interface (use ifconfig to see), such as eth0. If you just want to use a virtual port name to make a test, you should specify the port's type, like ovs-vsctl add-port br0 port0 -- set Interface port0 type=internal or ovs-vsctl set Interface port0 type=internal

    [root@D128 BUILD_ovs]# ./bin/ovs-vsctl add-port br0 port0 -- set Interface port0 type=internal
    [root@D128 BUILD_ovs]# ip link
    : lo: <LOOPBACK,UP,LOWER_UP> mtu qdisc noqueue state UNKNOWN mode DEFAULT qlen
        link/loopback ::::: brd :::::
    : ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu qdisc pfifo_fast state UP mode DEFAULT qlen
        link/ether :0c::2f:cf: brd ff:ff:ff:ff:ff:ff
    : ovs-system: <BROADCAST,MULTICAST> mtu qdisc noop state DOWN mode DEFAULT qlen
        link/ether :e5:c6:d2:ec:a2 brd ff:ff:ff:ff:ff:ff
    : br0: <BROADCAST,MULTICAST> mtu qdisc noop state DOWN mode DEFAULT qlen
        link/ether be:e8:bd:df:ff: brd ff:ff:ff:ff:ff:ff
    : port0: <BROADCAST,MULTICAST> mtu qdisc noop state DOWN mode DEFAULT qlen
        link/ether f6:cb:c2::fc:e0 brd ff:ff:ff:ff:ff:ff
    [root@D128 BUILD_ovs]# ./bin/ovs-vsctl show
    528b5679-22e8-484b-947b-4499959dc341
        Bridge "br0"
            Port "port0"
                Interface "port0"
                    type: internal
            Port "br0"
                Interface "br0"
                    type: internal
        ovs_version: "2.7.0"
    [root@D128 BUILD_ovs]#

Inspecting the two devices br0 and port0:

    [root@D128 BUILD_ovs]# ethtool -i br0
    driver: openvswitch
    version:
    firmware-version:
    expansion-rom-version:
    bus-info:
    supports-statistics: no
    supports-test: no
    supports-eeprom-access: no
    supports-register-dump: no
    supports-priv-flags: no
    [root@D128 BUILD_ovs]# ethtool -i port0
    driver: openvswitch
    version:
    firmware-version:
    expansion-rom-version:
    bus-info:
    supports-statistics: no
    supports-test: no
    supports-eeprom-access: no
    supports-register-dump: no
    supports-priv-flags: no
    [root@D128 BUILD_ovs]#

Adding a namespace:

    [root@D128 BUILD_ovs]# ip netns add ns0
    [root@D128 BUILD_ovs]# ip link set port0 netns ns0

    [root@D128 BUILD_ovs]# ip netns exec ns0 ip addr add 192.168.1.100/ dev port0
    [root@D128 BUILD_ovs]# ip netns exec ns0 ifconfig port0 promisc up

Inspecting:

    [root@D128 BUILD_ovs]# ./bin/ovs-ofctl show br0
    OFPT_FEATURES_REPLY (xid=0x2): dpid:0000bee8bddfff41
    n_tables:, n_buffers:
    capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
    actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
     (port0): addr:::::0c:e1
         config: PORT_DOWN
         state: LINK_DOWN
         speed: Mbps now, Mbps max
     LOCAL(br0): addr:be:e8:bd:df:ff:
         config: PORT_DOWN
         state: LINK_DOWN
         speed: Mbps now, Mbps max
    OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=
    [root@D128 BUILD_ovs]# ./bin/ovs-dpctl show
    system@ovs-system:
        lookups: hit: missed: lost:
        flows:
        masks: hit: total: hit/pkt:1.21
        port : ovs-system (internal)
        port : br0 (internal)
        port : port0 (internal)
    [root@D128 BUILD_ovs]#

    [root@D128 BUILD_ovs]# ip addr add 192.168.1.101/ dev br0
    [root@D128 BUILD_ovs]# ip link set br0 up

Now the two namespaces can reach each other through br0.

Adding an OpenFlow rule:

    [root@D128 BUILD_ovs]# ./bin/ovs-ofctl add-flow br0 "priority=1 idle_timeout=0, in_port=2,actions=mod_nw_src:9.181.137.1,normal"
    [root@D128 BUILD_ovs]# ./bin/ovs-ofctl show br0
    OFPT_FEATURES_REPLY (xid=0x2): dpid:0000bee8bddfff41
    n_tables:, n_buffers:
    capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
    actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
     (port0): addr:::::0c:e1
         config: PORT_DOWN
         state: LINK_DOWN
         speed: Mbps now, Mbps max
     LOCAL(br0): addr:be:e8:bd:df:ff:
         config:
         state:
         speed: Mbps now, Mbps max
    OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=
    [root@D128 BUILD_ovs]# ./bin/ovs-

A packet capture shows that the source address has been rewritten to 9.181.137.1:

    [root@D128 BUILD_ovs]# tcpdump -i br0
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on br0, link-type EN10MB (Ethernet), capture size bytes
    ::00.988146 IP 9.181.137.1 > localhost: ICMP echo request, id , seq , length
    ::01.988227 IP 9.181.137.1 > localhost: ICMP echo request, id , seq , length
    ::02.988113 IP 9.181.137.1 > localhost: ICMP echo request, id , seq , length
    ::03.988133 IP 9.181.137.1 > localhost: ICMP echo request, id , seq , length
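
A flow like the one above makes every capture taken behind the bridge show an address the sender never used, so when reading an unfamiliar bridge it helps to list the flows that rewrite addresses or ports. The script below is an added example, not part of the original post; it parses ovs-ofctl dump-flows text, and the sample flows, the function names sample_flows and find_rewrite_flows, and the inclusion of set_field are assumptions made here.

```shell
#!/bin/sh
# Added example, not from the original post. Reads `ovs-ofctl dump-flows <bridge>`
# text on stdin and reports flows whose actions rewrite addresses or ports.

# Constructed sample in dump-flows layout; the first flow is the rule added above.
sample_flows() {
cat <<'EOF'
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=35.5s, table=0, n_packets=4, n_bytes=392, idle_age=3, priority=1,in_port=2 actions=mod_nw_src:9.181.137.1,NORMAL
 cookie=0x0, duration=90.1s, table=0, n_packets=10, n_bytes=980, idle_age=1, priority=0 actions=NORMAL
 cookie=0x0, duration=12.0s, table=1, n_packets=0, n_bytes=0, idle_age=12, priority=5,ip actions=resubmit(,2),mod_dl_dst:02:00:00:00:00:01,output:3
EOF
}

# Output: table=<n> match=<match> rewrites=<action>[;<action>...]
# Assumption: set_field is treated as a rewrite as well (it can also set registers).
find_rewrite_flows() {
    awk '
    # Split an action list on top-level commas only, so resubmit(,2) stays whole.
    function split_actions(s, out,    i, c, depth, n, cur) {
        n = 0; depth = 0; cur = ""
        for (i = 1; i <= length(s); i++) {
            c = substr(s, i, 1)
            if (c == "(") depth++
            if (c == ")") depth--
            if (c == "," && depth == 0) { out[++n] = cur; cur = "" }
            else cur = cur c
        }
        out[++n] = cur
        return n
    }
    / actions=/ {
        p = index($0, " actions=")
        nf = split(substr($0, 1, p - 1), f, " ")
        m = (f[nf] ~ /,$/) ? "(any)" : f[nf]   # trailing comma: a stats field, no match
        tbl = "?"
        for (i = 1; i <= nf; i++)
            if (f[i] ~ /^table=/) { tbl = substr(f[i], 7); sub(/,$/, "", tbl) }
        hits = ""
        na = split_actions(substr($0, p + 9), a)
        for (i = 1; i <= na; i++)
            if (a[i] ~ /^(mod_(dl|nw|tp)_(src|dst)|set_field):/)
                hits = hits (hits == "" ? "" : ";") a[i]
        if (hits != "") printf "table=%s match=%s rewrites=%s\n", tbl, m, hits
    }'
}

# Live use (as root): ovs-ofctl dump-flows br0 | find_rewrite_flows
sample_flows | find_rewrite_flows
```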

That is all for now, as a first look.

--------------------------------------------------   update @ 2018-03-30 20:11 -----------------------------------

Capturing packets on an OVS port.

Mirror the port's traffic out:

    [root@vrouter-ovs ~]# ip link add dev mirror type dummy
    [root@vrouter-ovs ~]# ip link set mirror up

    [root@dr-lb ~]# ovs-vsctl add-port ovs-br0 mirror

    [root@vrouter-ovs ~]# ovs-vsctl -- set Bridge br-tun mirror=@mi -- --id=@pmirror get Port mirror -- --id=@patch get Port tun-to-int -- --id=@mi create Mirror name=mymi select-dst-port=@patch select-src-port=@patch output-port=@pmirror
    [root@vrouter-ovs ~]# tcpdump -i mirror -nn

Listing and removing mirrors:

    # ovs-vsctl list Mirror
    # ovs-vsctl clear bridge ovsbr0 mirrors

    ovs-vsctl set Bridge ovs-br0 mirrors=@mi -- --id=@pmirror get Port mirror-br0 -- --id=@patch get port vxlanclient0 -- --id=@mi create Mirror name=mymi select-dst-port=@patch select-src-port=@patch output-port=@pmirror
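
A mirror that is never cleared keeps copying traffic to its output port, so it is worth listing what is configured before and after a capture. The script below is an added example, not part of the original post; it parses ovs-vsctl list Mirror records, and the sample records (trimmed to the columns used) and the function names sample_mirrors and mirror_inventory are assumptions made here.

```shell
#!/bin/sh
# Added example, not from the original post. Reads `ovs-vsctl list Mirror`
# records on stdin and prints one inventory line per mirror.

# Constructed sample, trimmed to the columns used; UUIDs are made up.
sample_mirrors() {
cat <<'EOF'
name                : mymi
output_port         : 22222222-2222-4222-8222-222222222222
output_vlan         : []
select_all          : false
select_dst_port     : [33333333-3333-4333-8333-333333333333]
select_src_port     : [33333333-3333-4333-8333-333333333333]

name                : "span-all"
output_port         : []
output_vlan         : 100
select_all          : true
select_dst_port     : []
select_src_port     : []
EOF
}

# Output: mirror=<name> scope=<all|selected|none> sink=<port:UUID|vlan:N|none>
mirror_inventory() {
    awk '
    # True when column k is present in the record and not the empty set.
    function has(k) { return (k in r) && r[k] != "[]" }
    function emit(    scope, sink) {
        if (!("name" in r)) return
        scope = "none"
        if (r["select_all"] == "true") scope = "all"
        else if (has("select_src_port") || has("select_dst_port") || has("select_vlan")) scope = "selected"
        sink = "none"
        if (has("output_port")) sink = "port:" r["output_port"]
        else if (has("output_vlan")) sink = "vlan:" r["output_vlan"]
        gsub(/"/, "", r["name"])            # names may be printed quoted
        printf "mirror=%s scope=%s sink=%s\n", r["name"], scope, sink
        split("", r)                        # clear the record
    }
    /^[ \t]*$/ { emit(); next }             # a blank line ends a record
    {
        p = index($0, ":"); if (p == 0) next
        k = substr($0, 1, p - 1); v = substr($0, p + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        r[k] = v
    }
    END { emit() }'
}
# Live use (as root): ovs-vsctl list Mirror | mirror_inventory
sample_mirrors | mirror_inventory
```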
