FIBRE
Page tree
Skip to end of metadata
Go to start of metadata

Instalação

Instalar OS: CentOS 7 Minimal

  • Language: English (United States)
  • Keyboard: Portugue (Brazil)
  • Software Selection: Minimal Install
  • Installation Destination:
    • /boot - 1G - ext2
    • swap - 8G
    • / - Restante do disco - ext4
  • Root password
    • Don't use a weak password (sorriso)
  • Create user:
    • login: whitebox
    • password: fibre42
      • Make this user administrator
      • Require a password to use this account
  • Rede:
    • IP: 10.ID.0.10
    • Subnet: 255.255.0.0
    • GW: 10.ID.0.30
    • DNS: 8.8.8.8


Configuração

Atualizações Automáticas de Segurança:

Instalar o dnf-automatic

sudo yum install -y dnf-automatic


Edite o arquivo /etc/dnf/automatic.conf e altere o parâmetro upgrade_type

upgrade_type = security

Inicializar o dnf-automatic

sudo systemctl enable dnf-automatic-install.timer && sudo systemctl start dnf-automatic-install.timer


Tuning

for IF in `ls /proc/sys/net/ipv6/conf`

do

  echo 0 > /proc/sys/net/ipv6/conf/$IF/autoconf

done


Irqbalance

dnf -y install irqbalance

echo "IRQBALANCE_BANNED_CPUS=FC" >>  /etc/sysconfig/irqbalance

systemctl enable irqbalance && systemctl start irqbalance


Tuned

dnf -y install tuned

mkdir /etc/tuned/whitebox


cat << EOF > /etc/tuned/whitebox/tuned.conf

[main]

include=network-latency

[bootloader]

cmdline = selinux=0 isolcpus=2-7 nosoftlockup mce=ignore_ce idle=poll nohz_full=2-7 hugepages=2048 iommu=pt intel_iommu=on

[sysctl]

kernel.nmi_watchdog=0

vm.stat_interval=10

vm.nr_hugepages=2048

[sysfs]

/sys/bus/workqueue/devices/writeback/cpumask = FC
/sys/devices/virtual/workqueue/cpumask = FC

EOF


sudo tuned-adm profile whitebox

sudo systemctl enable tuned && systemctl start tuned 


É necessário reiniciar para que as configurações tenham efeito.

DPDK e driverctl

Atualize e reinicie para utilizar o último kernel.

dnf -y install dpdk driverctl

modprobe uio-pci-generic
driverctl set-override 0000:08:00.0 uio_pci_generic
driverctl set-override 0000:0b:00.0 uio_pci_generic
driverctl set-override 0000:0b:00.1 uio_pci_generic
driverctl set-override 0000:0b:00.2 uio_pci_generic
driverctl set-override 0000:0b:00.3 uio_pci_generic


Installing OVS

Instalando dependências

dnf -y install dnf-plugins-core dpdk-devel libpcap-devel numactl-devel rpm-build libmnl-devel libibverbs


Download do fonte do OVS

OVS_VER=2.12.0
mkdir -p ~/rpmbuild/SOURCES/
curl -o ~/rpmbuild/SOURCES/openvswitch-$OVS_VER.tar.gz -L http://openvswitch.org/releases/openvswitch-$OVS_VER.tar.gz


Criar o arquivo SPEC

mkdir -p ~/rpmbuild/SPECS/
tar xOfz ~/rpmbuild/SOURCES/openvswitch-$OVS_VER.tar.gz openvswitch-$OVS_VER/rhel/openvswitch-fedora.spec.in --strip=2 | sed -e "s/@VERSION@/$OVS_VER/" > ~/rpmbuild/SPECS/openvswitch.spec


Instalar as dependências do OVS

dnf -y builddep ~/rpmbuild/SPECS/openvswitch.spec


Build do pacote do OVS com suporte a DPDK

rpmbuild -bb ~/rpmbuild/SPECS/openvswitch.spec --with dpdk --without check --define='optflags -Ofast -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -march=native -fomit-frame-pointer -mssse3 -msse4.2'


Instalar o pacote OVS

dnf -y install ~/rpmbuild/RPMS/x86_64/openvswitch-$OVS_VER-1.el7.x86_64.rpm


Forçar OVS para rodar com root (para suportar as interfaces uio-pci-generic dpdk)

sed -i 's/^OVS_USER_ID=/#OVS_USER_ID=/' /etc/sysconfig/openvswitch
systemctl start openvswitch && systemctl enable openvswitch
ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true
ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-socket-mem="4096,0"
ovs-vsctl --no-wait set Open_vSwitch . other_config:pmd-cpu-mask=FC 
systemctl restart openvswitch


Configurando o openvswitch para inserir controladores, bridge, filas e interface:


Segue abaixo dois modelos de configuração. Um para criar 01 switch virtual de 6 portas e outro para criar 02 switches virtuais com 4 portas (3 portas físicas e 1 lógica)


Switch Virtual de 6 portas

Bridge

sudo ovs-vsctl add-br br-dpdk0 -- set bridge br-dpdk0 datapath_type=netdev protocols=OpenFlow10 fail-mode=secure


Portas

sudo ovs-vsctl add-port br-dpdk0 dpdk0 -- set Interface dpdk0 type=dpdk mtu_request=9600 ofport_request=1 options:dpdk-devargs=0000:00:14.0
 
sudo ovs-vsctl add-port br-dpdk0 dpdk1 -- set Interface dpdk1 type=dpdk mtu_request=9600 ofport_request=2 options:dpdk-devargs=0000:00:14.1
 
sudo ovs-vsctl add-port br-dpdk0 dpdk2 -- set Interface dpdk2 type=dpdk mtu_request=9600 ofport_request=3 options:dpdk-devargs=0000:00:14.2
  
sudo ovs-vsctl add-port br-dpdk0 dpdk3 -- set Interface dpdk3 type=dpdk mtu_request=9600 ofport_request=4 options:dpdk-devargs=0000:00:14.3
  
sudo ovs-vsctl add-port br-dpdk0 dpdk4 -- set Interface dpdk4 type=dpdk mtu_request=9600 ofport_request=5 options:dpdk-devargs=0000:05:00.0
  
sudo ovs-vsctl add-port br-dpdk0 dpdk5 -- set Interface dpdk5 type=dpdk mtu_request=9600 ofport_request=6 options:dpdk-devargs=0000:05:00.1

Configuração do Controlador

sudo ovs-vsctl set-controller br-dpdk0 tcp:<ip controller>:6633

Reboot o whitebox:

sudo reboot

Após reinicialização verificar se o openvswitch iniciou corretamente:

sudo systemctl status openvswitch.service
sudo ovs-ofctl show br-dpdk0

Dois Switches Virtuais de 4 portas


Bridge

sudo ovs-vsctl add-br br-dpdk0 -- set bridge br-dpdk0 datapath_type=netdev protocols=OpenFlow10 fail-mode=secure
sudo ovs-vsctl add-br br-dpdk1 -- set bridge br-dpdk1 datapath_type=netdev protocols=OpenFlow10 fail-mode=secure


Portas da Bridge br-dpdk0: 

sudo ovs-vsctl add-port br-dpdk0 dpdk0 -- set Interface dpdk0 type=dpdk mtu_request=9600 ofport_request=1 options:dpdk-devargs=0000:00:14.0 
sudo ovs-vsctl add-port br-dpdk0 dpdk2 -- set Interface dpdk2 type=dpdk mtu_request=9600 ofport_request=2 options:dpdk-devargs=0000:00:14.2 
sudo ovs-vsctl add-port br-dpdk0 dpdk4 -- set Interface dpdk4 type=dpdk mtu_request=9600 ofport_request=3 options:dpdk-devargs=0000:05:00.0  
sudo ovs-vsctl add-port br-dpdk0 patch0 -- set Interface patch0 type=patch options:peer=patch1 mtu_request=9600 ofport_request=4

Portas da Bridge br-dpdk1:

sudo ovs-vsctl add-port br-dpdk1 dpdk1 -- set Interface dpdk1 type=dpdk mtu_request=9600 ofport_request=1 options:dpdk-devargs=0000:00:14.1  
sudo ovs-vsctl add-port br-dpdk1 dpdk3 -- set Interface dpdk3 type=dpdk mtu_request=9600 ofport_request=2 options:dpdk-devargs=0000:00:14.3  
sudo ovs-vsctl add-port br-dpdk1 dpdk5 -- set Interface dpdk5 type=dpdk mtu_request=9600 ofport_request=3 options:dpdk-devargs=0000:05:00.1  
sudo ovs-vsctl add-port br-dpdk1 patch1 -- set Interface patch1 type=patch options:peer=patch0 mtu_request=9600 ofport_request=4


Configuração do Controlador

sudo ovs-vsctl set-controller br-dpdk0 tcp:<ip controller>:6633
sudo ovs-vsctl set-controller br-dpdk1 tcp:<ip controller>:6633


Reboot o whitebox:

sudo reboot


Após reinicialização verificar se o openvswitch iniciou corretamente:

sudo systemctl status openvswitch.service
sudo ovs-ofctl show br-dpdk0
  • No labels

FIBRE: Future Internet Brazilian Environment for Experimentation
fibre.org.br