ip configuration
Effective permanently or temporarily
If it involves production, the mac address of the network port of each machine is different. For different systems, ubuntu and centos have different modification methods.
Application scenario, based on the domestic system kylin, each production machine needs to maintain the same network port name
When booting, the kylin system allocates the network port name starting from eno0.
Later, you can change the network port name you need based on the changed name of the system.
#ip set echo "ip set" >> /zdxlz/etc/system/out.txt ifconfig eno1 down ip link set eno1 name MGMT0 ifconfig MGMT0 up ifconfig MGMT0 192.168.254.232 netmask 255.255.255.0 sleep 1 ifconfig eno2 down ip link set eno2 name MGMT1 ifconfig MGMT1 up sleep 1
For permanent configuration, modify the network port name scheme according to Ubuntu
1. Modify the yaml file
/etc/netplan/01-network-manager-all.yaml
2. Modify the name through udev rules
vim /etc/udev/rules .d/[email protected]
Modification requires more specific system startup process, configuration file calling sequence, and switching of some services, etc.
Container IP management
#!/usr/bin/env bash
function LOG() {<!-- -->
CHSMMI_LOG_PATH=/zdxlz/var/log/chsmmi/chsmmi_script.log
local log_level=$1
local log_content=$2
if [ "${log_level}" != "INFO" -a "${log_level}" != "WARN" -a "${log_level}" != "ERROR" ]; then
return
fi
if [ -z "${log_content}" ]; then
return
fi
local curtime=$(date + "%y-%m-%d %H:%M:%S")
local script_name=$(basename $0)
echo "${curtime} ${script_name} ${log_level} ${log_content}" >>${CHSMMI_LOG_PATH} 2> & amp;1
}
# echo output is returned to the calling program (such as chsmmi)
function LOG_ERROR_AND_EXIT() {<!-- -->
local log_content=$1
if [ -z "${log_content}" ]; then
return
fi
LOG ERROR "${log_content}"
echo ${log_content}
exit 1
}
function get_dns_info() {<!-- -->
local dns_list=$(grep '^nameserver' /etc/resolv.conf | cut -d " " -f 2)
if [ -z "${dns_list}" ]; then
LOG_ERROR_AND_EXIT "Failed to get DNS info."
fi
local dns_str=""
for d in ${dns_list}; do
if [ ! -z "${dns_str}" ]; then
dns_str="${dns_str};"
fi
dns_str="${dns_str}${d}"
done
echo ${dns_str}
LOG DEBUG "Success to get DNS: ${dns_str}"
exit 0
}
#Do not specify the shared namespace --ipc when creating
function create_vsm() {<!-- -->
local imageName=$1
local vsmName=$2
local ecard=$3
#Memory and cpu weight
local memLimit=${4:-2000}
local cpuShare=${5:-1024}
//create
LOG INFO "create_vsm imageName ${imageName} vsmName ${vsmName} ecard ${ecard} memLimit ${memLimit} cpuShare ${cpuShare}"
docker create -it --name ${vsmName} --net=none --hostname ${vsmName} -m ${memLimit}M --cpu-shares ${cpuShare} -v /etc/localtime:/etc/localtime :ro \
--cap-add NET_ADMIN --device=/dev/${ecard}:/dev/${ecard} ${imageName} /bin/bash /start.sh
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "create vsm ${vsmName} failed."
fi
LOG INFO "Success to create vsm ${vsmName}"
exit 0
}
function start_vsm() {<!-- -->
local vsmName=$1
docker start ${vsmName}
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "start vsm ${vsmName} failed."
fi
LOG INFO "Success to start vsm ${vsmName}"
exit 0
}
function stop_vsm() {<!-- -->
local vsmName=$1
docker stop ${vsmName}
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "stop vsm ${vsmName} failed."
fi
LOG INFO "Success to stop vsm ${vsmName}"
exit 0
}
function restart_vsm() {<!-- -->
LOG INFO "start to restart vsm ${vsmName}"
local vsmName=$1
docker restart ${vsmName}
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "restart vsm ${vsmName} failed."
fi
LOG INFO "Success to restart vsm ${vsmName}"
exit 0
}
function destory_vsm() {<!-- -->
local vsmName=$1
docker rm -f ${vsmName}
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "delete vsm ${vsmName} failed."
fi
LOG INFO "Success to delete vsm ${vsmName}"
exit 0
}
function mask2cdr() {<!-- -->
local x=${1##*255.}
set -- 0^^^128^192^224^240^248^252^254^ $(((${#1} - ${#x}) * 2)) ${x%%.*}
x=${1%%$3*}
echo $(($2 + (${#x} / 4)))
}
function cdr2mask() {<!-- -->
# Number of args to shift, 255..255, first non-255 byte, zeroes
set -- $((5 - ($1 / 8))) 255 255 255 255 $(((255 << (8 - ($1 % 8))) & amp; 255)) 0 0 0
[ $1 -gt 1 ] & amp; & amp; shift $1 || shift
echo ${1-0}.${2-0}.${3-0}.${4-0}
}
function set_network_vsm() {<!-- -->
localip=$1
local mask=$2
local gateway=$3
local vsm_id=$4
#vsmid
local id=$5
local vlan_id=$6
local eth_type=$7
local eth_eth_no_vlan=bond0
local eth_eth_vlan=bond1
local eth_sfp_no_vlan=SFP0
local eth_sfp_vlan=SFP1
local eth=""
local br_name=""
#Electrical interface
#ens15f0 ens15f1 ens15f2 ens15f3
#administrative port
#enp7s0 enp8s0
#光口
#ens1f0 ens1f1
local cdr=$(mask2cdr ${<!-- -->mask})
local ns=$(docker inspect --format '{<!-- -->{ .State.Pid }}' ${<!-- -->vsm_id})
#Create a virtual Ethernet pair
/usr/sbin/ip link add vethIn-$id type veth peer name vethOut-$id
/usr/sbin/ip link set dev vethOut-$id up
#Assign in to the network namespace
/usr/sbin/ip link set vethIn-$id netns $ns
#Configure external communication ip routing gateway vethIn-1
nsenter -t $ns -n /usr/sbin/ip addr add ${ip}/${cdr} dev vethIn-$id
nsenter -t $ns -n /usr/sbin/ip route add default via ${gateway}
nsenter -t $ns -n /usr/sbin/ip link set dev vethIn-$id up
if [ ${eth_type} == "eth" ];then
if [ ${vlan_id} == "0" ];then
eth=${eth_eth_no_vlan}
else
eth=${eth_eth_vlan}
fi
br_name="BrEth"
elif [ ${eth_type} == "sfp" ];then
if [ ${vlan_id} == "0" ];then
eth=${eth_sfp_no_vlan}
else
eth=${eth_sfp_vlan}
fi
br_name="BrSfp"
else
LOG_ERROR_AND_EXIT "set vsm:${vsmName} network failed, invalid eth type: ${eth_type}"
fi
LOG INFO "set_network_vsm vsm_id ${vsm_id}, ip ${ip}, mask ${mask}, gateway ${gateway}, id ${id}, eth_type ${eth_type}, eth ${eth}, br_name ${br_name }"
if [ ${vlan_id} == "0" ];then
#host
/usr/sbin/ip link add name ${br_name} type bridge
/usr/sbin/ip link set ${br_name} up
#Add the virtual machine virtual Ethernet vethOut to the BrEth bridge
/usr/sbin/ip link set dev vethOut-$id master ${br_name}
#Bind the bond0 physical port without vlan network interface to the BrEth bridge
/usr/sbin/ip link set dev ${eth} master ${br_name}
/usr/sbin/ip link set dev ${eth} up
else
#host
#Create a VLAN sub-interface on the specified physical interface ${eth} and assign VLAN ID ${vlan_id} to this sub-interface. The purpose of this command is to create a virtual interface on an existing physical interface to achieve VLAN isolation
/usr/sbin/ip link add link ${eth} name ${eth}.${vlan_id} type vlan id ${vlan_id}
/usr/sbin/ip link set ${eth}.${vlan_id} up
#Create a bridge with id
/usr/sbin/ip link add name ${br_name}.${vlan_id} type bridge
/usr/sbin/ip link set ${br_name}.${vlan_id} up
#Bridge the virtual machine's virtual Ethernet interface to the bridge with an id number
/usr/sbin/ip link set dev vethOut-$id master ${br_name}.${vlan_id}
#Bridge VLAN sub-interface with id number
/usr/sbin/ip link set dev ${eth}.${vlan_id} master ${br_name}.${vlan_id}
/usr/sbin/ip link set dev ${eth}.${vlan_id} up
fi
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "set vsm:${vsmName} network failed."
fi
LOG INFO "Success to set vsm:${vsmName} network."
exit 0
}
function delete_network_vsm() {<!-- -->
localip=$1
local mask=$2
local gateway=$3
local vsm_id=$4
local id=$5
local cdr=$(mask2cdr ${<!-- -->mask})
local ns=$(docker inspect --format '{<!-- -->{ .State.Pid }}' ${<!-- -->vsm_id})
# /usr/sbin/ip link add vethIn-$id type veth peer name vethOut-$id
# /usr/sbin/ip link set dev vethOut-$id up
# /usr/sbin/ip link set vethIn-$id netns $ns
nsenter -t $ns -n /usr/sbin/ip addr | grep ${ip} > /dev/null 2> & amp;1
if [ "$?" == "0" ];then
nsenter -t $ns -n /usr/sbin/ip addr del ${ip}/${cdr} dev vethIn-$id
fi
nsenter -t $ns -n /usr/sbin/ip route | grep ${gateway} > /dev/null 2> & amp;1
if [ "$?" == "0" ];then
nsenter -t $ns -n /usr/sbin/ip route del default via ${gateway}
fi
# nsenter -t $ns -n /usr/sbin/ip link set dev vethIn-$id up
# /usr/sbin/ip link set dev vethOut-$id master BrEth
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "delete vsm:${vsmName} network failed."
fi
LOG INFO "Success to delete vsm:${vsmName} network."
exit 0
}
function set_inter_network_vsm() {<!-- -->
local vsm_id=$1
local id=$2
local cdr=24
LOG INFO "set_inter_network_vsm vsm_id ${vsm_id}, id ${id}"
#Get the container running PID
local ns=$(docker inspect --format '{<!-- -->{ .State.Pid }}' ${<!-- -->vsm_id})
#Create a pair of virtual Ethernet devices (veth),
/usr/sbin/ip link add vethInInt-$id type veth peer name vethOutInt-$id
/usr/sbin/ip link set dev vethOutInt-$id up
#Move the virtual Ethernet device to the specified network namespace to achieve isolation and network separation
/usr/sbin/ip link set vethInInt-$id netns $ns
#Assign internal communication IP based on container ID number
/usr/sbin/ip addr add 1.1.${id}.3/${cdr} dev vethOutInt-$id
/usr/sbin/iptables -nvL | grep 1.1.${id}.0/24 > /dev/null 2> & amp;1
if [ "$?" != "0" ];then
LOG INFO "set_inter_network_vsm set vsm_id ${vsm_id}, id ${id}"
/usr/sbin/iptables -A INPUT -s 1.1.${id}.3/24 -d 1.1.${id}.2/24 -j ACCEPT
fi
nsenter -t $ns -n /usr/sbin/ip addr add 1.1.${id}.2/${cdr} dev vethInInt-$id
nsenter -t $ns -n /usr/sbin/ip link set dev vethInInt-$id up
LOG INFO "set_inter_network_vsm set vsm white list for qtumd"
nsenter -t $ns -n /sbin/iptables -A INPUT -p tcp -s 1.1.${id}.3 -d 1.1.${id}.2 -j ACCEPT
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "set vsm:${vsmName} inter network failed."
fi
LOG INFO "Success to set vsm:${vsmName} inter network."
exit 0
}
function get_gate_way() {<!-- -->
local card_name=$1
local gate_way=$(/usr/sbin/ip route | grep ${<!-- -->card_name} | grep via | cut -d " " -f 3)
if [ $? != 0 ]; then
LOG_ERROR_AND_EXIT "get ${card_name}'s gateway failed."
fi
# if [ -z "${gate_way}" ]; then
# gate_way=$(/usr/sbin/ip route | grep ${card_name} | grep via | grep -v default | awk -F 'via' '{print $2}' | awk -F 'dev' '{print $1 }')
# fi
LOG INFO "get ${card_name}'s gateway successfully."
echo "${gate_way}"
exit 0
}
case $1 in
create_vsm)
create_vsm $2 $3 $4 $5 $6
;;
start_vsm)
start_vsm $2
;;
stop_vsm)
stop_vsm $2
;;
restart_vsm)
restart_vsm $2
;;
destruction_vsm)
destruction_vsm $2
;;
set_network_vsm)
set_network_vsm $2 $3 $4 $5 $6 $7 $8
;;
delete_network_vsm)
delete_network_vsm $2 $3 $4 $5 $6
;;
set_inter_network_vsm)
set_inter_network_vsm $2 $3
;;
get_dns)
get_dns_info
;;
get_gate_way)
get_gate_way $2
;;
*)
LOG_ERROR_AND_EXIT "invalid param"
;;
esac
1. Temporary configuration of binding the network port (because it needs to bind the network port name that changes at any time after booting, so it needs to be configured through shell)
sudo modprobe bonding sudo ip link add bond0 type bond mode 0 miimon 100 sudo ip link set eth0 down sudo ip link set eth1 down sudo ip link set eth0 master bond0 sudo ip link set eth1 master bond0 sudo ip link set bond0 up
2. Normal binding of network ports and various modes
1. Install ifenslave;
dpkg -i ifenslave_2.7kord1_all.deb
2. Add bonding to the last line of the /etc/modules file and set the bonding module to load automatically at boot.
3. Create /etc/modprobe.d/bonding.conf, command vim /etc/modprobe.d/bonding.conf, the content is as follows:
options bonding mode=1 miimon=100
Among them, mode=1 means active-standby strategy.
4. Load the bonding module;
Command: sudo modprobe bonding
Check if loading is successful
lsmod|grep bonding
Configure the network interface used by bond0
ifenslave bond0 enp1s0f0 enp1s0f1
5. Write the configuration file, you can directly replace the interfaces file and modify the IP address.
vim /etc/network/interfaces or write several files separately and put them in the directory
The contents of the file are as follows:
source /etc/network/interfaces.d/* auto lo iface lo inet loopback auto enp1s0f0 iface enp1s0f0 inet manual bond-master bond0 auto enp1s0f1 iface enp1s0f1 inet manual bond-master bond0 auto bond0 iface bond0 inet static address 192.168.1.22 netmask 255.255.255.0 gateway 192.168.1.1 bond-slaves enp1s0f0 enp1s0f1 bond-mode 1 bond-miimon 100 auto enp1s0f2 iface enp1s0f2 inet static address 192.168.1.111 netmask 255.255.255.128 gateway 192.168.1.1
8. Disable the graphical interface network card
systemctl stop NetworkManager.service systemctl disable NetworkManager.service