1. Overview
Openvswitch is a virtual switch that supports the OpenFlow protocol. Some hardware switches support OpenFlow as well, and all of them can be managed by one unified controller, which gives physical machines and virtual machines network connectivity.
Open vSwitch defines a series of flow tables and uses them to control the path and structure of packets.
According to the OpenFlow protocol, a flow table contains match fields; if a packet matches, the corresponding action is executed.
The match fields cover every layer of the TCP/IP stack:
- Layer 1 – Tunnel ID, In Port, QoS priority, skb mark
- Layer 2 – MAC address, VLAN ID, Ethernet type
- Layer 3 – IPv4/IPv6 fields, ARP
- Layer 4 – TCP/UDP, ICMP, ND
Actions mainly include the following operations:
- Output to port (port range, flood, mirror)
- Discard, Resubmit to table x
- Packet Mangling (Push/Pop VLAN header, TOS, ...)
- Send to controller, Learn
Tunnels can be configured.
The following frameworks are supported for monitoring traffic:
- sFlow
- NetFlow
- Port Mirroring
QoS is supported:
- Uses existing Traffic Control Layer
- Policer (Ingress rate limiter)
- HTB, HFSC (Egress traffic classes)
- Controller (Open Flow) can select Traffic Class
2. Openvswitch Architecture
3. Database Structure and OVS-VSCTL
# ps aux | grep openvswitch
root 1117 0.0 0.0 21200 1580 ? S< Jun09 0:35 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --no-chdir --log-file=/var/log/openvswitch/ovsdb-server.log --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach --monitor
root 1153 0.6 1.1 169508 24016 ? S<Ll Jun09 16:24 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --no-chdir --log-file=/var/log/openvswitch/ovs-vswitchd.log --pidfile=/var/run/openvswitch/ovs-vswitchd.pid --detach --monitor
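We can see two processes:
- ovsdb-server maintains the database /etc/openvswitch/conf.db
- ovs-vswitchd is the core daemon
- The two communicate over the unix domain socket /var/run/openvswitch/db.sock
ovs-vsctl modifies the database by talking to ovsdb-server.
ovs-vswitchd communicates with ovsdb-server and applies the corresponding changes to the virtual devices.
Most ovs-vsctl commands are therefore database operations, so we need to understand the database well.
If we cat /etc/openvswitch/conf.db, we find that it is in JSON format.
The database contents can be printed with ovsdb-client dump: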
# ovsdb-client dump
Bridge table
_uuid controller datapath_id datapath_type external_ids fail_mode flood_vlans flow_tables ipfix mirrors name netflow other_config ports protocols sflow status stp_enable
------------------------------------ ---------- ------------------ ------------- ------------ --------- ----------- ----------- ----- ------- ------ ------- ------------ ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- --------- ----- ------ ----------
929ab1c2-1146-411d-8557-af7498a26444 [] "0000080027dfbff7" "" {} [] [] {} [] [] br-ex [] {} [52c02f9d-db2f-4c50-84ce-7a377530ad3b, 79f74c54-056d-4c60-82d7-46412ceee17e] [] [] {} false
12ebfe38-6dab-402a-8fb5-aa814a5a3f52 [] "00003afeeb122a40" "" {} [] [] {} [] [] br-int [] {} [02049620-d3b4-4ecf-9d9e-f8b40a039f64, 035eed84-ce54-44c4-97d5-92f9cc9d662e, 18eacfea-0982-4c89-b2aa-3e2c7dc2b6d3, d43963b0-be0b-4265-b0bb-4ebc928d3ee0, d564225b-60e4-4786-a5fc-6b1c8febd0fb] [] [] {} false
ccfc8a92-2d29-4a55-ae4b-21f59eeeaed7 [] "0000928afccc554a" "" {} [] [] {} [] [] br-tun [] {} [6d14a97d-28e8-42f8-b5d6-ec655ccc7b91, 8b0946ae-3177-4d5d-bc8e-6d04536701ad] [] [] {} false
Controller table
_uuid connection_mode controller_burst_limit controller_rate_limit enable_async_messages external_ids inactivity_probe is_connected local_gateway local_ip local_netmask max_backoff other_config role status target
----- --------------- ---------------------- --------------------- --------------------- ------------ ---------------- ------------ ------------- -------- ------------- ----------- ------------ ---- ------ ------
Flow_Sample_Collector_Set table
_uuid bridge external_ids id ipfix
----- ------ ------------ -- -----
Flow_Table table
_uuid flow_limit groups name overflow_policy
----- ---------- ------ ---- ---------------
IPFIX table
_uuid cache_active_timeout cache_max_flows external_ids obs_domain_id obs_point_id sampling targets
----- -------------------- --------------- ------------ ------------- ------------ -------- -------
Interface table
_uuid admin_state bfd bfd_status cfm_fault cfm_fault_status cfm_health cfm_mpid cfm_remote_mpids cfm_remote_opstate duplex external_ids ifindex ingress_policing_burst ingress_policing_rate lacp_current link_resets link_speed link_state mac mac_in_use mtu name ofport ofport_request options other_config statistics status type
------------------------------------ ----------- --- ---------- --------- ---------------- ---------- -------- ---------------- ------------------ ------ -------------------------------------------------------------------------------------------------------------------------------------------------------- ------- ---------------------- --------------------- ------------ ----------- ----------- ---------- --- ------------------- ---- ---------------- ------ -------------- ---------------- ------------ --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------- --------
54ab6189-2611-40cc-884f-5ce20913bc32 down {} {} [] [] [] [] [] [] full {} 3 0 0 [] 0 1000000000 down [] "08:00:27:df:bf:f7" 1500 "eth1" 3 [] {} {} {collisions=0, rx_bytes=0, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=0, tx_bytes=558, tx_dropped=0, tx_errors=0, tx_packets=7} {driver_name="e1000", driver_version="7.3.21-k8-NAPI", firmware_version=""} ""
6da8e9cd-98df-451e-b7d9-fcddefe0325e up {} {} [] [] [] [] [] [] [] {} 0 0 0 [] 0 [] up [] "c2:9e:64:de:bd:db" [] patch-int 1 [] {peer=patch-tun} {} {collisions=0, rx_bytes=1340, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=18, tx_bytes=90, tx_dropped=0, tx_errors=0, tx_packets=1} {} patch
eda8218d-1d5e-4c52-ad89-24f8d0445ef9 up {} {} [] [] [] [] [] [] [] {} 0 0 0 [] 0 [] up [] "fa:91:44:32:65:f9" [] patch-tun 1 [] {peer=patch-int} {} {collisions=0, rx_bytes=90, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=1, tx_bytes=1340, tx_dropped=0, tx_errors=0, tx_packets=18} {} patch
ee54427c-133c-4b2a-a641-c2624732eb66 up {} {} [] [] [] [] [] [] [] {} 5 0 0 [] 0 [] up [] "08:00:27:df:bf:f7" 1500 br-ex 65534 [] {} {} {collisions=0, rx_bytes=648, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=8, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0} {driver_name=openvswitch} internal
a45575fd-5179-459e-8951-3553c51f4aaa up {} {} [] [] [] [] [] [] [] {} 6 0 0 [] 2 [] up [] "3a:fe:eb:12:2a:40" 1500 br-int 65534 [] {} {} {collisions=0, rx_bytes=648, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=8, tx_bytes=2078, tx_dropped=0, tx_errors=0, tx_packets=27} {driver_name=openvswitch} internal
801c0dec-44db-4161-b791-08828d542ecf up {} {} [] [] [] [] [] [] [] {} 8 0 0 [] 2 [] up [] "92:8a:fc:cc:55:4a" 1500 br-tun 65534 [] {} {} {collisions=0, rx_bytes=648, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=8, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0} {driver_name=openvswitch} internal
e8193562-c3bb-4b48-a9bf-00bba5f2a213 up {} {} [] [] [] [] [] [] full {attached-mac="fa:16:3e:37:28:e6", iface-id="7d18228b-476f-4b50-804a-18e60e6b0e6f", iface-status=active, vm-uuid="413d9fb4-34e5-4032-95ff-dea80f1f4adc"} 17 0 0 [] 0 10000000000 up [] "66:b8:10:c8:dc:df" 1500 "qvo7d18228b-47" 4 [] {} {} {collisions=0, rx_bytes=530, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=7, tx_bytes=0, tx_dropped=0, tx_errors=0, tx_packets=0} {driver_name=veth, driver_version="1.0", firmware_version=""} ""
b33cdfe2-dab1-449e-b2be-ce85e2d0ac79 up {} {} [] [] [] [] [] [] full {attached-mac="fa:16:3e:58:be:c6", iface-id="eea9263a-5e4b-4e5b-9923-3d59ca752082", iface-status=active, vm-uuid="98b592b1-7778-46f1-93df-3c5079650b71"} 14 0 0 [] 0 10000000000 up [] "7a:d4:a4:8d:60:b7" 1500 "qvoeea9263a-5e" 3 [] {} {} {collisions=0, rx_bytes=530, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=7, tx_bytes=390, tx_dropped=0, tx_errors=0, tx_packets=5} {driver_name=veth, driver_version="1.0", firmware_version=""} ""
c0a5afe4-b7a8-4230-b3bb-af11a33de14e up {} {} [] [] [] [] [] [] full {attached-mac="fa:16:3e:6f:5e:bf", iface-id="c64bd111-eff3-4c65-b096-53c3b3188a43", iface-status=active, vm-uuid="e2009bf8-de2b-4bff-a96a-627a61caf9e7"} 11 0 0 [] 0 10000000000 up [] "e2:d8:61:c4:1d:01" 1500 "qvoc64bd111-ef" 2 [] {} {} {collisions=0, rx_bytes=280, rx_crc_err=0, rx_dropped=0, rx_errors=0, rx_frame_err=0, rx_over_err=0, rx_packets=4, tx_bytes=250, tx_dropped=0, tx_errors=0, tx_packets=3} {driver_name=veth, driver_version="1.0", firmware_version=""} ""
Manager table
_uuid connection_mode external_ids inactivity_probe is_connected max_backoff other_config status target
----- --------------- ------------ ---------------- ------------ ----------- ------------ ------ ------
Mirror table
_uuid external_ids name output_port output_vlan select_all select_dst_port select_src_port select_vlan statistics
----- ------------ ---- ----------- ----------- ---------- --------------- --------------- ----------- ----------
NetFlow table
_uuid active_timeout add_id_to_interface engine_id engine_type external_ids targets
----- -------------- ------------------- --------- ----------- ------------ -------
Open_vSwitch table
_uuid bridges cur_cfg db_version external_ids manager_options next_cfg other_config ovs_version ssl statistics system_type system_version
------------------------------------ ------------------------------------------------------------------------------------------------------------------ ------- ---------- -------------------------------------------------- --------------- -------- ------------ ----------- --- ---------- ----------- --------------
ab19a0f9-1dc8-44d0-ac00-a9687bb43fdd [12ebfe38-6dab-402a-8fb5-aa814a5a3f52, 929ab1c2-1146-411d-8557-af7498a26444, ccfc8a92-2d29-4a55-ae4b-21f59eeeaed7] 273 "7.3.0" {system-id="6b963f5d-45e7-409f-b5ee-8e30006dcd73"} [] 273 {} "2.0.1" [] {} Ubuntu "14.04-trusty"
Port table
_uuid bond_downdelay bond_fake_iface bond_mode bond_updelay external_ids fake_bridge interfaces lacp mac name other_config qos statistics status tag trunks vlan_mode
------------------------------------ -------------- --------------- --------- ------------ ------------ ----------- -------------------------------------- ---- --- ---------------- ------------ --- ---------- ------ --- ------ ---------
52c02f9d-db2f-4c50-84ce-7a377530ad3b 0 false [] 0 {} false [ee54427c-133c-4b2a-a641-c2624732eb66] [] [] br-ex {} [] {} {} [] [] []
18eacfea-0982-4c89-b2aa-3e2c7dc2b6d3 0 false [] 0 {} false [a45575fd-5179-459e-8951-3553c51f4aaa] [] [] br-int {} [] {} {} [] [] []
8b0946ae-3177-4d5d-bc8e-6d04536701ad 0 false [] 0 {} false [801c0dec-44db-4161-b791-08828d542ecf] [] [] br-tun {} [] {} {} [] [] []
79f74c54-056d-4c60-82d7-46412ceee17e 0 false [] 0 {} false [54ab6189-2611-40cc-884f-5ce20913bc32] [] [] "eth1" {} [] {} {} [] [] []
6d14a97d-28e8-42f8-b5d6-ec655ccc7b91 0 false [] 0 {} false [6da8e9cd-98df-451e-b7d9-fcddefe0325e] [] [] patch-int {} [] {} {} [] [] []
035eed84-ce54-44c4-97d5-92f9cc9d662e 0 false [] 0 {} false [eda8218d-1d5e-4c52-ad89-24f8d0445ef9] [] [] patch-tun {} [] {} {} [] [] []
d564225b-60e4-4786-a5fc-6b1c8febd0fb 0 false [] 0 {} false [e8193562-c3bb-4b48-a9bf-00bba5f2a213] [] [] "qvo7d18228b-47" {} [] {} {} 1 [] []
02049620-d3b4-4ecf-9d9e-f8b40a039f64 0 false [] 0 {} false [c0a5afe4-b7a8-4230-b3bb-af11a33de14e] [] [] "qvoc64bd111-ef" {} [] {} {} 1 [] []
d43963b0-be0b-4265-b0bb-4ebc928d3ee0 0 false [] 0 {} false [b33cdfe2-dab1-449e-b2be-ce85e2d0ac79] [] [] "qvoeea9263a-5e" {} [] {} {} 1 [] []
QoS table
_uuid external_ids other_config queues type
----- ------------ ------------ ------ ----
Queue table
_uuid dscp external_ids other_config
----- ---- ------------ ------------
SSL table
_uuid bootstrap_ca_cert ca_cert certificate external_ids private_key
----- ----------------- ------- ----------- ------------ -----------
sFlow table
_uuid agent external_ids header polling sampling targets
----- ----- ------------ ------ ------- -------- -------
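The relationships between the database tables are shown in the figure.
Open_vSwitch is the root table, with the following structure:
This table represents the configuration of ovs-vswitchd and covers the following aspects:
- Bridge configuration: bridges points to the Bridge table. The main Openvswitch features we see are all implemented on bridges; they are described in detail under the Bridge table.
- Configuration of the daemon itself:
  - other_config : stats-update-interval: the interval at which statistics are written to the database
  - other_config : flow-restore-wait: used for hot upgrade. If set to true, no packets are processed. The usual procedure is: stop ovs-vswitchd, set this value to true, start ovs-vswitchd (which at this point processes no packets), use ovs-ofctl to restore the flow table to a correct state, and finally set the value to false to start processing packets.
  - other_config : flow-limit: the number of flow entries in the flow table
  - other_config : n-handler-threads: the number of threads used to handle new flows
  - other_config : n-revalidator-threads: the number of threads used to validate flows
  - other_config : enable-statistics: whether to collect statistics
  - statistics : cpu: number of CPUs, threads
  - statistics : load_average: system load
  - statistics : memory: total RAM, swap
  - statistics : process_NAME: with NAME replaced by a process name; reports memory size, CPU time, and so on
  - statistics : file_systems: mount point, size, used
- client request id: that is, cur_cfg and next_cfg. After a client modifies the database, it increments next_cfg and then waits for Openvswitch to apply the changes; once they have been applied, cur_cfg = next_cfg. If we open /etc/openvswitch/conf.db, we see that cur_cfg keeps incrementing as we configure Openvswitch.
- SSL configuration: points to the SSL table, which mainly configures the private key, the certificate (which contains the public key), and the CA's certificate
- ovsdb-server configuration: points to the Manager table; ovs-vswitchd acts as its client, and this configures the db connection options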
4. SSL
The SSL table contains all the configuration of a classic SSL connection:
Openvswitch has its own private key and public key pair. The public key is placed in the certificate, which must be signed by a CA using the CA's own private key; the CA vouches that the certificate is legitimate. Verifying the CA's signature requires the CA's public key, which is placed in the CA cert. The CA cert in turn must be signed as well, either vouched for by a higher-level CA or self-signed.
bootstrap_ca_cert is a boolean; if it is true, the latest CA cert is fetched from the controller at every startup.
If we look closely at the ovsdb-server process, we find that these settings are in use:
ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --no-chdir --log-file=/var/log/openvswitch/ovsdb-server.log --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach --monitor
We can also configure ovs-vswitchd and ovs-controller to communicate with each other over SSL, using mutual (two-way) SSL trust.
Configure ovs-vswitchd with the switch's private key (sc-privkey.pem) and public key (sc-cert.pem), but specify the controller's CA cert (cacert.pem):
sudo ovs-pki req+sign sc switch
sudo ovs-vsctl set-ssl \
    /etc/openvswitch/sc-privkey.pem \
    /etc/openvswitch/sc-cert.pem \
    /var/lib/openvswitch/pki/controllerca/cacert.pem
Configure and start the controller:
sudo ovs-pki req+sign ctl controller
sudo ovs-controller -v pssl:6633 \
    -p /etc/openvswitch/ctl-privkey.pem \
    -c /etc/openvswitch/ctl-cert.pem \
    -C /var/lib/openvswitch/pki/switchca/cacert.pem
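Here we configure the controller's private key (ctl-privkey.pem) and public key (ctl-cert.pem), but specify the switch's CA cert (cacert.pem).
This follows from how SSL works when a connection is established.
When a client connects to a server, the server sends its certificate to the client; later the client uses the server's certificate to decrypt information that the server encrypted with its private key. Whether this certificate is legitimate has to be verified against a CA, and since the certificate belongs to the server, the client must use the server's CA cert to verify it. Likewise, the server requests the client's certificate in order to decrypt information encrypted with the client's private key, and verifies it with the client's CA cert.
Once the SSL connection is established, we see the following: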
mininet@mininet:~$ sudo ovs-vsctl show
902d6aa3-6a0a-4708-a286-3301c8b36430
Controller "ssl:127.0.0.1:6633"
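A controller connection is a particular switch connecting to a particular controller.
A manager connection, by contrast, is a particular openvswitch daemon connecting to a particular manager.
5. Manager
The Manager table configures ovsdb-server: ovsdb-server uses the settings in manager_options to listen on a port and wait for clients to connect.
The most important field is target:
- ssl:ip[:port]: ovsdb-server listens on the given port of ip, using SSL
- tcp:ip[:port]: listens on the given port of ip, using TCP
- pssl:[port][:ip]: listens on port, using SSL
- ptcp:[port][:ip]: listens on port, using TCP
It can be set with the following command:
ovs-vsctl set-manager…
From the architecture diagram we can see that ovs-vswitchd is a client of ovsdb-server, and the two communicate over the unix domain socket /var/run/openvswitch/db.sock.
ovs-vsctl is also a client of ovsdb-server. By default ovs-vsctl runs on the same machine as ovsdb-server and also communicates over /var/run/openvswitch/db.sock.
ovs-vsctl has a --db parameter whose default is unix:file, but it can also be tcp:ip:port or ssl:ip:port.
This lets ovs-vsctl control ovsdb-server remotely from another machine.
We have two machines. On the first, 16.158.165.153, we set the manager: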
sudo ovs-vsctl set-manager ptcp:8881
$ sudo ovs-vsctl show
ab19a0f9-1dc8-44d0-ac00-a9687bb43fdd
Manager "ptcp:8881"
Bridge br-int
Port br-int
Interface br-int
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qvoeea9263a-5e"
tag: 1
Interface "qvoeea9263a-5e"
Port "qvo7d18228b-47"
tag: 1
Interface "qvo7d18228b-47"
Port "qvoc64bd111-ef"
tag: 1
Interface "qvoc64bd111-ef"
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Port "eth1"
Interface "eth1"
Bridge br-tun
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
ovs_version: "2.0.1"
On the other machine, 16.158.165.102, we run:
root@openstackcliu8:~# ovs-vsctl show
21c19aae-c278-4c65-9c6b-9b2c4d67b6dd
ovs_version: "2.0.1"
The tables are empty.
# ovs-vsctl --db=tcp:16.158.165.153:8881 show
ab19a0f9-1dc8-44d0-ac00-a9687bb43fdd
Manager "ptcp:8881"
Bridge br-int
Port br-int
Interface br-int
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qvoeea9263a-5e"
tag: 1
Interface "qvoeea9263a-5e"
Port "qvo7d18228b-47"
tag: 1
Interface "qvo7d18228b-47"
Port "qvoc64bd111-ef"
tag: 1
Interface "qvoc64bd111-ef"
Bridge br-ex
Port br-ex
Interface br-ex
type: internal
Port "eth1"
Interface "eth1"
Bridge br-tun
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
ovs_version: "2.0.1"
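An added example, not part of the original post: a Python check that reads `ovs-vsctl show` output and flags Manager or Controller targets that use tcp:/ptcp:, since the two-machine test above shows that any host able to reach such a port can read the database without credentials. The sample text, function names and finding wording are constructed for illustration.

```python
import re

# Constructed sample: trimmed `ovs-vsctl show` output that combines the
# Manager and Controller lines shown on this page.
SAMPLE_SHOW = """\
ab19a0f9-1dc8-44d0-ac00-a9687bb43fdd
    Manager "ptcp:8881"
    Bridge br-int
        Controller "ssl:127.0.0.1:6633"
        Port br-int
            Interface br-int
                type: internal
    ovs_version: "2.0.1"
"""

TARGET_LINE = re.compile(r'^\s*(Manager|Controller)\s+"?([^"\s]+)"?\s*$')


def parse_target(target):
    """Split a connection target such as ptcp:[port][:ip] into its fields."""
    method, _, rest = target.partition(":")
    passive = method in ("ptcp", "pssl", "punix")
    if method in ("unix", "punix"):
        return {"method": method, "passive": passive, "host": None, "port": None}
    bracketed = re.search(r"\[([0-9A-Fa-f:.]+)\]", rest)  # IPv6 literal
    if bracketed:
        host = bracketed.group(1)
        port = rest.replace(bracketed.group(0), "").strip(":")
    elif passive:                      # pssl:/ptcp: put the port first
        port, _, host = rest.partition(":")
    else:                              # ssl:/tcp: put the address first
        host, _, port = rest.partition(":")
    return {"method": method, "passive": passive, "host": host or None,
            "port": int(port) if port.isdigit() else None}


def audit(show_output):
    """Return (role, target, finding) tuples for risky remote targets."""
    findings = []
    for line in show_output.splitlines():
        match = TARGET_LINE.match(line)
        if not match:
            continue
        role, target = match.groups()
        parsed = parse_target(target)
        if parsed["method"] in ("tcp", "ptcp"):
            findings.append((role, target, "plaintext, no peer authentication"))
        if parsed["passive"] and parsed["method"] != "punix" and not parsed["host"]:
            findings.append((role, target, "listens on all addresses"))
    return findings


if __name__ == "__main__":
    for role, target, finding in audit(SAMPLE_SHOW):
        print(f"{role} {target}: {finding}")
```

On a live host, pass the text printed by `sudo ovs-vsctl show` to `audit()` instead of the sample.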
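6. Bridge Table
Open_vSwitch points to the Bridge table.
The Bridge table is without doubt the most important table; a so-called virtual switch is mostly implemented with a bridge.
A bridge has the following configuration items:
- Core feature settings
  - name
  - ports: points to the Port table
  - mirrors: points to the Mirror table
  - netflow
  - sflow
  - ipfix
  - flood_vlans: a set of VLAN IDs for which MAC address learning is not performed; ARP is done every time a MAC is looked up
- OpenFlow settings: from the architecture diagram we can see that an Openvswitch bridge can be managed by a unified controller through the OpenFlow protocol
  - Controller
  - flow_tables
  - fail_mode:
    - Once a bridge is connected to an OpenFlow controller, its flow table is managed by the controller. If the connection is lost:
    - secure: the bridge keeps trying to connect to the controller and does not build a flow table itself
    - standalone: once the bridge has failed to reach the controller three times, it builds and manages the flow table itself
  - datapath_id:
- Spanning Tree configuration
Simply creating a bridge is easy:
ovs-vsctl add-br helloworld, but the various settings inside it are relatively complex.
In the next section, we look at the Controller.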