A na-akpọ ndị na-agụ akwụkwọ ka ha mara onwe ha na ụkpụrụ nke iwulite akụrụngwa na-adịghị mma maka obere ụlọ ọrụ n'ime otu data data, nke a ga-atụle n'ụzọ zuru ezu n'ime obere isiokwu.
Okwu mmeghe
N'okpuru Ebe data Enwere ike ịghọta (Ebe nhazi data) dị ka:
- rack nke gị n'ime "ụlọ ihe nkesa" nke gị n'ime ụlọ nke ụlọ ọrụ ahụ, nke na-emezu ihe kachasị mkpa maka ịnye ọkụ ọkụ na oyi nke akụrụngwa, ma nwee ohere ịntanetị site na ndị na-enye onwe ha abụọ;
- a gbaziri agbaziri agbaziri na akụrụngwa nke ya, nke dị na ezigbo data center - nke a na-akpọ. nchịkọta, nke kwekọrọ n'ụkpụrụ Tier III ma ọ bụ IV, na-ekwe nkwa inye ọkụ a pụrụ ịdabere na ya, dị jụụ na ịnweta ịntanetị na-adịghị mma;
- akụrụngwa agbaziri agbaziri zuru oke na ebe data Tier III ma ọ bụ IV.
Kedu nhọrọ ụlọ ị ga-ahọrọ bụ onye ọ bụla na nke ọ bụla, ma na-adaberekarị n'ọtụtụ isi ihe:
- Kedu ihe kpatara ụlọ ọrụ ji achọ akụrụngwa IT nke ya?
- Kedu ihe ụlọ ọrụ ahụ chọrọ kpọmkwem site na akụrụngwa IT (ntụkwasị obi, scalability, njikwa, wdg);
- olu nke ntinye ego mbụ na akụrụngwa IT, yana ụdị ụgwọ ọrụ maka ya - isi obodo (nke pụtara na ị zụrụ akụrụngwa nke gị), ma ọ bụ arụ ọrụ (a na-agbazinyekarị ngwa ọrụ);
- Atụmatụ mbara igwe nke Enterprise n'onwe ya.
Enwere ike dee ọtụtụ ihe gbasara ihe ndị na-emetụta mkpebi ụlọ ọrụ imepụta na iji akụrụngwa IT ya, mana ebumnuche anyị bụ igosi n'omume ka esi emepụta akụrụngwa a ka ọ bụrụ nke na-adịghị mma ma nwee ike ịchekwa ego. ọnụ ahịa ịzụrụ ngwanrọ azụmahịa, ma ọ bụ zere ha kpam kpam.
Dị ka omume ogologo oge na-egosi, ọ baghị uru ịzọpụta na ngwaike, ebe ọ bụ na ike na-akwụ ụgwọ ugboro abụọ, na ọbụna ọtụtụ ihe ndị ọzọ. Ma ọzọ, ngwaike dị mma bụ naanị nkwanye, na n'ikpeazụ ihe kpọmkwem ịzụta na ole dabere na ike nke ụlọ ọrụ na "anyaukwu" nke njikwa ya. Ọzọkwa, a ga-aghọta okwu ahụ bụ "anyaukwu" n'echiche dị mma nke okwu ahụ, ebe ọ bụ na ọ ka mma itinye ego na ngwaike na mbido mbụ, ka ọ ghara inwe nsogbu siri ike na nkwado ya na nchikota ya ọzọ, ebe ọ bụ na nhazi na-ezighị ezi na mbụ. oke oke ego nwere ike ibute ọnụ ahịa dị elu karịa mgbe ịmalite ọrụ ahụ.
Yabụ, data mbụ maka ọrụ a:
- enwere ụlọ ọrụ nke kpebiri ịmepụta ebe nrụọrụ weebụ nke ya ma weta ọrụ ya na Ịntanetị;
- ụlọ ọrụ ahụ kpebiri ịgbazite rack iji tinye akụrụngwa ya na ebe nchekwa data dị mma kwadoro dịka ọkọlọtọ Tier III;
- ụlọ ọrụ ahụ kpebiri na ọ gaghị echekwa ọtụtụ ihe na ngwaike, ya mere zụtara akụrụngwa ndị a na akwụkwọ ikike na nkwado ogologo:
Ndepụta akụrụngwa
- abụọ Dell PowerEdge R640 sava dị ka ndị a:
- abụọ Intel Xeon Gold 5120 processors
- 512 GB RAM
- diski SAS abụọ na RAID1, maka nrụnye OS
- 4-ọdụ ụgbọ mmiri 1G netwọk kaadị
- abụọ 2-ọdụ ụgbọ mmiri 10G netwọk kaadị
- otu 2-ọdụ ụgbọ mmiri FC HBA 16G.
- 2-njikwa nchekwa usoro Dell MD3820f, jikọọ site FC 16G ozugbo na Dell ụsụụ ndị agha;
- abụọ nke abụọ-larịị mgba ọkụ - Cisco WS-C2960RX-48FPS-L stacked;
- abụọ nke atọ-larịị switches - Cisco WS-C3850-24T-E, stacked;
- Rack, UPS, PDU, sava console bụ ebe data na-enye.
Dị ka anyị na-ahụ, ndị dị na ngwá nwere ezi atụmanya maka kehoraizin na vetikal scaling, ma ọ bụrụ na enterprise bụ ike mpi na ụlọ ọrụ ndị ọzọ nke a yiri profaịlụ na Internet, na-amalite irite uru, nke nwere ike nyekwara na ịgbasa ego maka n'ihu asọmpi. na uru uru.
Kedu akụrụngwa anyị nwere ike ịgbakwunye ma ọ bụrụ na ụlọ ọrụ ahụ kpebiri ịbawanye arụmọrụ nke ụyọkọ kọmpụta anyị:
- anyị nwere nnukwu ebe nchekwa na ọnụ ọgụgụ ọdụ ụgbọ mmiri na 2960X switches, nke pụtara na anyị nwere ike ịgbakwunye sava ngwaike ọzọ;
- zụta ihe mgba ọkụ abụọ FC iji jikọọ usoro nchekwa na sava ndị ọzọ na ha;
- enwere ike ịkwalite sava dị ugbu a - tinye ebe nchekwa, dochie ndị nrụpụta na ndị dị ike karịa, jikọọ na netwọkụ 10G site na iji nkwụnye netwọkụ dị ugbu a;
- Ị nwere ike ịgbakwunye ihe nchekwa diski ndị ọzọ na usoro nchekwa ahụ na ụdị diski achọrọ - SAS, SATA ma ọ bụ SSD, dabere na ibu atụmatụ;
- Mgbe ịgbakwunye FC switches, ị nwere ike ịzụta usoro nchekwa ọzọ iji gbakwunye ikike diski ọzọ, ma ọ bụrụ na ịzụrụ nhọrọ Remote Replication pụrụ iche na ya, ị nwere ike ịtọliteghachi data n'etiti sistemụ nchekwa ma n'ime otu data center na n'etiti data centers ( ma nke a agafeelarị n'ime oke nke isiokwu ahụ;
- Enwekwara mgba ọkụ nke ọkwa nke atọ - Cisco 3850, nke enwere ike iji dị ka isi netwọk na-anabata mmejọ maka ụzọ ọsọ ọsọ n'etiti netwọk dị n'ime. Nke a ga-enye aka nke ukwuu n'ọdịnihu ka akụrụngwa nke ime na-eto eto. 3850 nwekwara ọdụ ụgbọ mmiri 10G, nke enwere ike iji mechaa mgbe ị na-ebuli akụrụngwa netwọkụ gị na ọsọ 10G.
Ebe ọ bụ na ugbu a ọ dịghị ebe ọ bụla na-enweghị virtualization, anyị ga-n'ezie na-na-emekarị, karịsịa ebe ọ bụ na nke a bụ ụzọ magburu onwe iji belata ọnụ ahịa nke ịzụta oké ọnụ sava maka onye akụrụngwa ọcha (sava webụ, ọdụ data, wdg), nke na-adịghị mgbe niile. A na-eji ihe kachasị mma ma ọ bụrụ na ọ dị obere ibu, na nke a bụ kpọmkwem ihe ga-eme na mmalite mmalite nke ọrụ ahụ.
Na mgbakwunye, virtualization nwere ọtụtụ uru ndị ọzọ nwere ike ịbara anyị uru nke ukwuu: nnabata mmejọ VM megide ọdịda nkesa ngwaike, Mbugharị Live n'etiti oghere ụyọkọ ngwaike maka mmezi ha, akwụkwọ ntuziaka ma ọ bụ nkesa akpaaka n'etiti ọnụ ụyọkọ, wdg.
Maka ngwaike nke ụlọ ọrụ zụtara, ntinye nke ụyọkọ VMware vSphere dị nke ukwuu na-egosi onwe ya, mana ebe ọ bụ na ngwanrọ ọ bụla sitere na VMware mara maka mkpado ọnụahịa “ịnyịnya” ya, anyị ga-eji sọftụwia n'efu maka ijikwa virtualization - , na ndabere nke a maara nke ọma ma na-ama ahịa ngwaahịa na-emepụta - .
Software okwute Ọ dị mkpa ijikọ ihe akụrụngwa niile n'otu n'otu ka ị nwee ike iji igwe mebere dị oke arụ ọrụ - ndị a bụ ọdụ data, ngwa weebụ, sava proxy, ndị na-edozi ihe, sava maka ịnakọta ndekọ na nyocha, wdg, ya bụ, gịnị web portal nke ụlọ ọrụ anyị nwere.
Iji chịkọta okwu mmeghe a, anyị nwere ike ịtụ anya akụkọ ndị na-esonụ, nke ga-egosi n'omume kpọmkwem otu esi ebuga ngwaike na akụrụngwa ngwanrọ nke ụlọ ọrụ:
Ndepụta akụkọ
- Akụkụ nke 1. Na-akwado ibubata ụyọkọ oVirt 4.3.
- Akụkụ nke 2. Ịwụnye na ịhazi ụyọkọ oVirt 4.3.
- Akụkụ nke 3. Ịtọlite ụyọkọ VyOS, na-ahazi ụzọ mpụ na-anabata mmejọ.
- Akụkụ nke 4. Ịtọlite nchịkọta Cisco 3850, na-ahazi ụzọ intranet.
Nkebi 1. Na-akwado ibubata ụyọkọ oVirt 4.3
Ntọala onye ọbịa bụ isi
Ịwụnye na ịhazi OS bụ nzọụkwụ kachasị mfe. Enwere ọtụtụ akụkọ gbasara otu esi etinye ma hazie OS nke ọma, yabụ na ọ nweghị uru ịnwa ịnye ihe pụrụ iche gbasara nke a.
Yabụ, anyị nwere ndị ọbịa Dell PowerEdge R640 abụọ nke anyị kwesịrị ịwụnye OS wee rụọ ntọala mmalite iji jiri ha dị ka hypervisors maka ịgba ọsọ igwe mebere na ụyọkọ oVirt 4.3.
Ebe anyị na-eme atụmatụ iji sọftụwia oVirt na-abụghị nke azụmahịa n'efu, ahọpụtara OS maka ibuga ndị ọbịa CentOS 7.7, ọ bụ ezie na enwere ike itinye OS ndị ọzọ na ndị ọbịa maka oVirt:
- ụlọ pụrụ iche dabere na RHEL, nke a na-akpọ. ;
- OS Oracle Linux, ọkọchị 2019 banyere ịkwado ọrụ oVirt na ya.
Tupu ịwụnye OS a na-atụ aro:
- hazie iDRAC netwọk interface na ma ụsụụ ndị agha;
- imelite BIOS na iDRAC firmware na nsụgharị ọhụrụ;
- hazie profaịlụ Sistemu nke ihe nkesa, ọkacha mma na ọnọdụ arụmọrụ;
- hazie RAID site na diski mpaghara (RAID1 ka akwadoro) iji wụnye OS na sava ahụ.
Mgbe ahụ, anyị wụnye OS na diski emebere na mbụ site na iDRAC - usoro nrụnye bụ ihe nkịtị, ọ dịghị oge pụrụ iche na ya. Ịnweta ihe njikwa ihe nkesa iji malite nrụnye OS nwekwara ike ịnweta site na iDRAC, ọ bụ ezie na ọ dịghị ihe na-egbochi gị ijikọ nyochaa, keyboard na òké ozugbo na ihe nkesa na ịwụnye OS site na draịva flash.
Mgbe ị wụnye OS, anyị na-eme ntọala mbụ ya:
systemctl enable network.service
systemctl start network.service
systemctl status network.servicesystemctl stop NetworkManager
systemctl disable NetworkManager
systemctl status NetworkManageryum install -y ntp
systemctl enable ntpd.service
systemctl start ntpd.servicecat /etc/sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targetedcat /etc/security/limits.conf
* soft nofile 65536
* hard nofile 65536cat /etc/sysctl.conf
vm.max_map_count = 262144
vm.swappiness = 1Ịwụnye otu ngwa ngwanrọ
Iji hazie OS mbụ, ịkwesịrị ịhazi interface netwọk ọ bụla na sava ahụ ka ị nwee ike ịnweta ịntanetị iji melite OS wee wụnye ngwugwu ngwanrọ dị mkpa. Enwere ike ime nke a ma n'oge usoro nrụnye OS na mgbe ọ gasịrị.
yum -y install epel-release
yum update
yum -y install bind-utils yum-utils net-tools git htop iotop nmon pciutils sysfsutils sysstat mc nc rsync wget traceroute gzip unzip telnet Ntọala niile dị n'elu na ngwa ngwanrọ bụ ihe gbasara mmasị onwe onye, ma setịpụ a bụ naanị nkwanye.
Ebe ọ bụ na onye ọbịa anyị ga-arụ ọrụ nke hypervisor, anyị ga-eme ka profaịlụ arụmọrụ achọrọ:
systemctl enable tuned
systemctl start tuned
systemctl status tuned tuned-adm profile
tuned-adm profile virtual-host Ị nwere ike ịgụkwu gbasara profaịlụ arụmọrụ ebe a: "".
Mgbe ị wụnye OS, anyị na-aga n'ihu na akụkụ nke ọzọ - ịmepụta oghere netwọk na ndị ọbịa na nchịkọta nke Cisco 2960X switches.
Na-ahazi Cisco 2960X Switch Stack
Ọrụ anyị ga-eji ọnụọgụ VLAN ndị a - ma ọ bụ ngalaba mgbasa ozi, dịpụrụ adịpụ na ibe ya, iji kewaa ụdị okporo ụzọ dị iche iche:
VLAN 10 - Ntaneti
VLAN 17 - Njikwa (iDRAC, sistemụ nchekwa, njikwa ọkụ)
VLAN 32 - VM mmepụta netwọk
VLAN 33 - netwọk njikọ (na ndị ọrụ nkwekọrịta mpụga)
VLAN 34 - VM ule netwọk
VLAN 35 - VM onye nrụpụta netwọkụ
VLAN 40 – netwọk nlekota oru
Tupu ịmalite ọrụ, ebe a bụ eserese dị na ọkwa L2 nke anyị kwesịrị ịbịarute na:
Maka mmekọrịta netwọkụ nke ndị ọbịa oVirt na igwe mebere ya na ibe ya, yana maka ijikwa sistemụ nchekwa anyị, ọ dị mkpa ịhazi njupụta nke Cisco 2960X switches.
Ndị ọbịa Dell arụnyere kaadị netwọk ọdụ ụgbọ mmiri 4, yabụ, ọ bụ ihe amamihe dị na ya ịhazi njikọ ha na Cisco 2960X site na iji njikọ netwọkụ na-anabataghị mmejọ, na-eji otu ọdụ ụgbọ mmiri netwọọdụ anụ ahụ banye na interface ezi uche, yana ụkpụrụ LACP ( 802.3 ad):
- A na-ahazi ọdụ ụgbọ mmiri abụọ mbụ na onye ọbịa na ọnọdụ njikọ ma jikọọ na mgba ọkụ 2960X - a ga-ahazi interface a ezi uche dị na ya. akwa na adreesị maka njikwa nnabata, nlekota oru, nkwurịta okwu na ndị ọbịa ndị ọzọ na ụyọkọ oVirt, a ga-ejikwa ya maka ịkwaga Live nke igwe mebere;
- A na-ahazi ọdụ ụgbọ mmiri nke abụọ na onye ọbịa na ọnọdụ njikọ ma jikọọ na 2960X - na interface ezi uche a na-eji oVirt, a ga-emepụta àkwà mmiri n'ọdịnihu (na VLAN ndị kwekọrọ) nke a ga-ejikọta igwe mebere.
- ọdụ ụgbọ mmiri abụọ ahụ, n'ime otu ihe ezi uche dị na ya, ga-arụ ọrụ, ya bụ. Enwere ike ibunye okporo ụzọ n'elu ha n'otu oge, na ọnọdụ nhazi.
- ntọala netwọk na ọnụ ụyọkọ ga-abụrịrị otu, ewezuga adreesị IP.
Ntọala nchịkọta mgba ọkụ bụ isi 2960X na ọdụ ụgbọ mmiri ya
Mgbanwe anyị ga-ebu ụzọ bụrụ:
- rack wụnye;
- ejikọrọ site na eriri abụọ pụrụ iche nke ogologo a chọrọ, dịka ọmụmaatụ, CAB-STK-E-1M;
- ejikọrọ na ike ọkọnọ;
- jikọọ na ebe ọrụ onye nchịkwa site na ọdụ ụgbọ mmiri maka nhazi mbụ ha.
Ntuziaka dị mkpa maka nke a dị na emeputa.
Mgbe ịmechara usoro ndị a dị n'elu, anyị na-ahazi switches.
Ihe iwu ọ bụla pụtara abụghị ka e depụta ya n'ime usoro nke edemede a; ọ bụrụ na ọ dị mkpa, enwere ike ịchọta ozi niile n'onwe ya.
Ebumnuche anyị bụ ịhazi nchịkọta mgba ọkụ ngwa ngwa o kwere mee ma jikọọ ndị ọbịa na ebe njikwa nchekwa na ya.
1) Jikọọ na nna ukwu mgba ọkụ, gaa na ihe ùgwù mode, wee gaa nhazi mode ma mee ntọala ntọala.
Nhazi mgba ọkụ bụ isi:
enable
configure terminal
hostname 2960X
no service pad
service timestamps debug datetime msec
service timestamps log datetime localtime show-timezone msec
no service password-encryption
service sequence-numbers
switch 1 priority 15
switch 2 priority 14
stack-mac persistent timer 0
clock timezone MSK 3
vtp mode transparent
ip subnet-zero
vlan 17
name Management
vlan 32
name PROD
vlan 33
name Interconnect
vlan 34
name Test
vlan 35
name Dev
vlan 40
name Monitoring
spanning-tree mode rapid-pvst
spanning-tree etherchannel guard misconfig
spanning-tree portfast bpduguard default
spanning-tree extend system-id
spanning-tree vlan 1-40 root primary
spanning-tree loopguard default
vlan internal allocation policy ascending
port-channel load-balance src-dst-ip
errdisable recovery cause loopback
errdisable recovery cause bpduguard
errdisable recovery interval 60
line con 0
session-timeout 60
exec-timeout 60 0
logging synchronous
line vty 5 15
session-timeout 60
exec-timeout 60 0
logging synchronous
ip http server
ip http secure-server
no vstack
interface Vlan1
no ip address
shutdown
exit
Anyị na-echekwa config na iwu "wr mem" wee malitegharịa nchịkọta ngbanwe site na iwu"weghachite» na Master switch 1.
2) Anyị na-ahazi ọdụ ụgbọ mmiri netwọk nke mgba ọkụ na ohere ịnweta na VLAN 17, iji jikọọ njikwa njikwa nke sistemụ nchekwa na sava iDRAC.
Ịtọlite ọdụ ụgbọ mmiri njikwa:
interface GigabitEthernet1/0/5
description iDRAC - host1
switchport access vlan 17
switchport mode access
spanning-tree portfast edge
interface GigabitEthernet1/0/6
description Storage1 - Cntr0/Eth0
switchport access vlan 17
switchport mode access
spanning-tree portfast edge
interface GigabitEthernet2/0/5
description iDRAC - host2
switchport access vlan 17
switchport mode access
spanning-tree portfast edge
interface GigabitEthernet2/0/6
description Storage1 – Cntr1/Eth0
switchport access vlan 17
switchport mode access
spanning-tree portfast edge
exit3) Mgbe ị bugharịchara ngwugwu ahụ, lelee na ọ na-arụ ọrụ nke ọma:
Na-enyocha arụmọrụ nke tojupụtara:
2960X#show switch stack-ring speed
Stack Ring Speed : 20G
Stack Ring Configuration: Full
Stack Ring Protocol : FlexStack
2960X#show switch stack-ports
Switch # Port 1 Port 2
-------- ------ ------
1 Ok Ok
2 Ok Ok
2960X#show switch neighbors
Switch # Port 1 Port 2
-------- ------ ------
1 2 2
2 1 1
2960X#show switch detail
Switch/Stack Mac Address : 0cd0.f8e4.ХХХХ
Mac persistency wait time: Indefinite
H/W Current
Switch# Role Mac Address Priority Version State
----------------------------------------------------------
*1 Master 0cd0.f8e4.ХХХХ 15 4 Ready
2 Member 0029.c251.ХХХХ 14 4 Ready
Stack Port Status Neighbors
Switch# Port 1 Port 2 Port 1 Port 2
--------------------------------------------------------
1 Ok Ok 2 2
2 Ok Ok 1 14) Ịmepụta ohere SSH na nchịkọta 2960X
Iji jikwaa ngwugwu ahụ site na SSH, anyị ga-eji IP 172.20.1.10 ahaziri maka SVI (gbanwee mebere interface) VLAN17.
Ọ bụ ezie na ọ bụ ihe amamihe dị na ya iji ọdụ ụgbọ mmiri raara onwe ya nye na mgba ọkụ maka ebumnuche njikwa, nke a bụ ihe gbasara mmasị na ikike onwe onye.
Ịhazi ohere SSH ka ọ bụrụ nchịkọta ọkụ ọkụ:
ip default-gateway 172.20.1.2
interface vlan 17
ip address 172.20.1.10 255.255.255.0
hostname 2960X
ip domain-name hw.home-lab.ru
no ip domain-lookup
clock set 12:47:04 06 Dec 2019
crypto key generate rsa
ip ssh version 2
ip ssh time-out 90
line vty 0 4
session-timeout 60
exec-timeout 60 0
privilege level 15
logging synchronous
transport input ssh
line vty 5 15
session-timeout 60
exec-timeout 60 0
privilege level 15
logging synchronous
transport input ssh
aaa new-model
aaa authentication login default local
username cisco privilege 15 secret my_ssh_passwordHazie okwuntughe iji tinye ụkpụrụ dị mkpa:
enable secret *myenablepassword*
service password-encryptionỊtọlite NTP:
ntp server 85.21.78.8 prefer
ntp server 89.221.207.113
ntp server 185.22.60.71
ntp server 192.36.143.130
ntp server 185.209.85.222
show ntp status
show ntp associations
show clock detail5) Hazie oghere Etherchannel ezi uche dị na ya na ọdụ ụgbọ mmiri anụ ahụ jikọtara na ndị ọbịa. Maka nhazi dị mfe, a ga-eme ka VLAN niile dị na oghere niile ezi uche dị na ya, mana a na-atụ aro ka ịhazi naanị ihe achọrọ:
Na-ahazi interface Etherchannel:
interface Port-channel1
description EtherChannel with Host1-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
spanning-tree portfast edge trunk
interface Port-channel2
description EtherChannel with Host2-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
spanning-tree portfast edge trunk
interface Port-channel3
description EtherChannel with Host1-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
spanning-tree portfast edge trunk
interface Port-channel4
description EtherChannel with Host2-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
spanning-tree portfast edge trunk
interface GigabitEthernet1/0/1
description Host1-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet1/0/2
description Host2-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 2 mode active
interface GigabitEthernet1/0/3
description Host1-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 3 mode active
interface GigabitEthernet1/0/4
description Host2-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 4 mode active
interface GigabitEthernet2/0/1
description Host1-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 1 mode active
interface GigabitEthernet2/0/2
description Host2-management
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 2 mode active
interface GigabitEthernet2/0/3
description Host1-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 3 mode active
interface GigabitEthernet2/0/4
description Host2-VM
switchport trunk allowed vlan 10,17,30-40
switchport mode trunk
channel-protocol lacp
channel-group 4 mode activeNhazi izizi nke oghere netwọkụ maka igwe mebere na ndị ọbịa Onye ọbịa1 и Onye ọbịa2
Anyị na-elele ọnụnọ nke modul dị mkpa maka njikọta iji rụọ ọrụ na sistemụ, wụnye modul maka ịchịkwa àkwà mmiri:
modinfo bonding
modinfo 8021q
yum install bridge-utilsNa-ahazi interface ezi uche dị na BOND1 maka igwe mebere ya na ihu anụ ahụ ya na ndị ọbịa:
cat /etc/sysconfig/network-scripts/ifcfg-bond1
#DESCRIPTION - management
DEVICE=bond1
NAME=bond1
TYPE=Bond
IPV6INIT=no
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
BOOTPROTO=none
BONDING_OPTS='mode=4 lacp_rate=1 xmit_hash_policy=2'
cat /etc/sysconfig/network-scripts/ifcfg-em2
#DESCRIPTION - management
DEVICE=em2
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
NM_CONTROLLED=no
cat /etc/sysconfig/network-scripts/ifcfg-em3
#DESCRIPTION - management
DEVICE=em3
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
USERCTL=no
NM_CONTROLLED=no Mgbe emechara ntọala na tojupụtara 2960 Х na ndị ọbịa, anyị na-amalitegharị netwọkụ na ndị ọbịa wee lelee ọrụ nke interface ezi uche dị na ya.
- na onye ọbịa:
systemctl restart network
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0
...
802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
System priority: 65535
...
Slave Interface: em2
MII Status: up
Speed: 1000 Mbps
Duplex: full
...
Slave Interface: em3
MII Status: up
Speed: 1000 Mbps
Duplex: full- na ngbanwe tojupụtara 2960 Х:
2960X#show lacp internal
Flags: S - Device is requesting Slow LACPDUs
F - Device is requesting Fast LACPDUs
A - Device is in Active mode P - Device is in Passive mode
Channel group 1
LACP port Admin Oper Port Port
Port Flags State Priority Key Key Number State
Gi1/0/1 SA bndl 32768 0x1 0x1 0x102 0x3D
Gi2/0/1 SA bndl 32768 0x1 0x1 0x202 0x3D
2960X#sh etherchannel summary
Flags: D - down P - bundled in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use N - not in use, no aggregation
f - failed to allocate aggregator
M - not in use, minimum links not met
m - not in use, port not aggregated due to minimum links not met
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
A - formed by Auto LAG
Number of channel-groups in use: 11
Number of aggregators: 11
Group Port-channel Protocol Ports
------+-------------+-----------+-----------------------------------------------
1 Po1(SU) LACP Gi1/0/1(P) Gi2/0/1(P)Nhazi izizi nke ihu netwọkụ maka ijikwa akụrụngwa ụyọkọ na ndị ọbịa Onye ọbịa1 и Onye ọbịa2
Na-ahazi interface BOND1 ezi uche dị na ya maka njikwa yana ihu anụ ahụ ya na ndị ọbịa:
cat /etc/sysconfig/network-scripts/ifcfg-bond0
#DESCRIPTION - management
DEVICE=bond0
NAME=bond0
TYPE=Bond
BONDING_MASTER=yes
IPV6INIT=no
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
BOOTPROTO=none
BONDING_OPTS='mode=4 lacp_rate=1 xmit_hash_policy=2'
cat /etc/sysconfig/network-scripts/ifcfg-em0
#DESCRIPTION - management
DEVICE=em0
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
NM_CONTROLLED=no
cat /etc/sysconfig/network-scripts/ifcfg-em1
#DESCRIPTION - management
DEVICE=em1
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no
NM_CONTROLLED=no Mgbe emechara ntọala na tojupụtara 2960 Х na ndị ọbịa, anyị na-amalitegharị netwọkụ na ndị ọbịa wee lelee ọrụ nke interface ezi uche dị na ya.
systemctl restart network
cat /proc/net/bonding/bond1
2960X#show lacp internal
2960X#sh etherchannel summaryAnyị na-ahazi interface netwọk njikwa na onye ọ bụla ọbịa na VLAN 17, ma kechie ya na interface ezi uche dị na ya BOND1:
Na-ahazi VLAN17 na Host1:
cat /etc/sysconfig/network-scripts/ifcfg-bond1.17
DEVICE=bond1.17
NAME=bond1-vlan17
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
VLAN=yes
MTU=1500
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
IPADDR=172.20.17.163
NETMASK=255.255.255.0
GATEWAY=172.20.17.2
DEFROUTE=yes
DNS1=172.20.17.8
DNS2=172.20.17.9
ZONE=publicNa-ahazi VLAN17 na Host2:
cat /etc/sysconfig/network-scripts/ifcfg-bond1.17
DEVICE=bond1.17
NAME=bond1-vlan17
BOOTPROTO=none
ONBOOT=yes
USERCTL=no
NM_CONTROLLED=no
VLAN=yes
MTU=1500
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
IPADDR=172.20.17.164
NETMASK=255.255.255.0
GATEWAY=172.20.17.2
DEFROUTE=yes
DNS1=172.20.17.8
DNS2=172.20.17.9
ZONE=publicAnyị na-amalitegharị netwọkụ na ndị ọbịa wee lelee visibiliti ha na ibe ha.
Nke a na-emecha nhazi nke nchịkọta nke Cisco 2960X switches, ma ọ bụrụ na e mere ihe niile n'ụzọ ziri ezi, mgbe ahụ, ugbu a, anyị nwere njikọ netwọk nke ihe niile akụrụngwa na ibe na L2 larịị.
Ịtọlite usoro nchekwa Dell MD3820f
Tupu ịmalite ịrụ ọrụ na ịtọlite sistemu nchekwa, ọ ga-abụrịrị na ejikọrọ ya na nchịkọta Cisco switches 2960 Х njikwa interfaces, yana ndị ọbịa Onye ọbịa1 и Onye ọbịa2 site na FC.
Enyere eserese izugbe nke ka esi ejikọ sistemu nchekwa na mkpọ ọkụ ọkụ n'isiakwụkwọ gara aga.
Eserese maka ijikọ sistemụ nchekwa site na FC na ndị ọbịa kwesịrị ịdị ka nke a:
N'oge njikọ ahụ, ịkwesịrị idetu adreesị WWPN maka ndị ọbịa FC HBA ejikọrọ na ọdụ ụgbọ mmiri FC na sistemụ nchekwa - nke a ga-adị mkpa maka imechaa guzobe njikọ nke ndị ọbịa na LUN na sistemụ nchekwa.
N'ebe ọrụ onye nchịkwa, budata ma wụnye akụrụngwa maka ijikwa sistemụ nchekwa Dell MD3820f - PowerVault Modular Nchekwa Disk Manager (MDSM).
Anyị jikọọ na ya site na adreesị IP nke ndabara, wee hazie adreesị anyị site na VLAN17, iji jikwaa ndị njikwa site na TCP/IP:
Nchekwa1:
ControllerA IP - 172.20.1.13, MASK - 255.255.255.0, Gateway - 172.20.1.2
ControllerB IP - 172.20.1.14, MASK - 255.255.255.0, Gateway - 172.20.1.2Mgbe ịtọlitechara adreesị, gaa na njikwa njikwa nchekwa wee tọọ paswọọdụ, tọọ oge, melite firmware maka njikwa na diski, ọ bụrụ na ọ dị mkpa, wdg.
A kọwara otu esi eme nke a na Usoro nchekwa
Mgbe ịmechara ntọala ndị a dị n'elu, anyị ga-achọ naanị ịme usoro ole na ole:
- Hazie NJ ọdụ ụgbọ mmiri FC onye ọbịa - Ihe nchọpụta ọdụ ụgbọ mmiri ọbịa.
- Mepụta otu nnabata - Otu ndị ọbịa ma tinye ndị ọbịa Dell anyị abụọ na ya.
- Mepụta otu diski na diski mebere (ma ọ bụ LUN) n'ime ya nke a ga-egosi ndị ọbịa.
- Hazie ngosi nke diski mebere (ma ọ bụ LUN) maka ndị ọbịa.
Ịgbakwunye ndị ọbịa ọhụrụ na njide njirimara ọdụ ụgbọ mmiri FC na-eme ha site na menu - Mappings ndị ọbịa -> Kọwaa -> Ndị ọbịa…
Enwere ike ịchọta adreesị WWPN nke ndị ọbịa FC HBA, dịka ọmụmaatụ, na sava iDRAC.
N'ihi ya, anyị kwesịrị ịhụ ihe dị ka nke a:
Ịgbakwunye otu ọhụrụ nke ndị ọbịa na ndị ọbịa na-ejikọta ya na-eme site na menu - Mappings ndị ọbịa -> Kọwaa -> Otu ndị ọbịa…
Maka ndị ọbịa, họrọ ụdị OS – Linux (DM-MP).
Mgbe ịmepụtara otu ndị ọbịa, site na taabụ Nchekwa & Detuo Ọrụ, mepụta otu diski - Otu diski, nwere ụdị dabere na ihe achọrọ maka nnabata mmejọ, dịka ọmụmaatụ, RAID10, yana diski mebere nke nha achọrọ:
Na n'ikpeazụ, ikpeazụ ogbo bụ ngosi nke mebere disks (ma ọ bụ LUNs) ndị ọbịa.
Iji mee nke a, site na menu - Mappings ndị ọbịa -> Nkewa ọnwa -> Tinye… Anyị na-ejikọta diski mebere na ndị ọbịa site n'inye ha nọmba.
Ihe niile kwesịrị ịdị ka nseta ihuenyo a:
Nke a bụ ebe anyị kwụsịrị ịtọlite usoro nchekwa, ma ọ bụrụ na emere ihe niile n'ụzọ ziri ezi, mgbe ahụ, ndị ọbịa ahụ kwesịrị ịhụ ndị LUN gosipụtara ha site na FC HBA ha.
Ka anyị manye sistemu ahụ imelite ozi gbasara diski ejikọrọ:
ls -la /sys/class/scsi_host/
echo "- - -" > /sys/class/scsi_host/host[0-9]/scanKa anyị hụ ngwaọrụ ndị a na-ahụ anya na sava anyị:
cat /proc/scsi/scsi
Attached devices:
Host: scsi0 Channel: 02 Id: 00 Lun: 00
Vendor: DELL Model: PERC H330 Mini Rev: 4.29
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi15 Channel: 00 Id: 00 Lun: 00
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi15 Channel: 00 Id: 00 Lun: 01
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi15 Channel: 00 Id: 00 Lun: 04
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi15 Channel: 00 Id: 00 Lun: 11
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi15 Channel: 00 Id: 00 Lun: 31
Vendor: DELL Model: Universal Xport Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi18 Channel: 00 Id: 00 Lun: 00
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi18 Channel: 00 Id: 00 Lun: 01
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi18 Channel: 00 Id: 00 Lun: 04
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi18 Channel: 00 Id: 00 Lun: 11
Vendor: DELL Model: MD38xxf Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
Host: scsi18 Channel: 00 Id: 00 Lun: 31
Vendor: DELL Model: Universal Xport Rev: 0825
Type: Direct-Access ANSI SCSI revision: 05
lsscsi
[0:2:0:0] disk DELL PERC H330 Mini 4.29 /dev/sda
[15:0:0:0] disk DELL MD38xxf 0825 -
[15:0:0:1] disk DELL MD38xxf 0825 /dev/sdb
[15:0:0:4] disk DELL MD38xxf 0825 /dev/sdc
[15:0:0:11] disk DELL MD38xxf 0825 /dev/sdd
[15:0:0:31] disk DELL Universal Xport 0825 -
[18:0:0:0] disk DELL MD38xxf 0825 -
[18:0:0:1] disk DELL MD38xxf 0825 /dev/sdi
[18:0:0:4] disk DELL MD38xxf 0825 /dev/sdj
[18:0:0:11] disk DELL MD38xxf 0825 /dev/sdk
[18:0:0:31] disk DELL Universal Xport 0825 -Na ụsụụ ndị agha ị nwekwara ike hazie ya ọtụtụ, na ọ bụ ezie na mgbe ị na-etinye oVirt ọ nwere ike ime nke a n'onwe ya, ọ ka mma ịlele ọrụ MP ziri ezi n'ihu onwe gị.
Nwụnye na nhazi nke DM Multipath
yum install device-mapper-multipath
mpathconf --enable --user_friendly_names y
cat /etc/multipath.conf | egrep -v "^s*(#|$)"
defaults {
user_friendly_names yes
find_multipaths yes
}
blacklist {
wwid 26353900f02796769
devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st)[0-9]*"
devnode "^hd[a-z]"
}Tọọ ọrụ MP ka ọ malite ịmalite ma malite ya:
systemctl enable multipathd && systemctl restart multipathdNa-enyocha ozi gbasara modul ebugoro maka ọrụ MP:
lsmod | grep dm_multipath
dm_multipath 27792 6 dm_service_time
dm_mod 124407 139 dm_multipath,dm_log,dm_mirror
modinfo dm_multipath
filename: /lib/modules/3.10.0-957.12.2.el7.x86_64/kernel/drivers/md/dm-multipath.ko.xz
license: GPL
author: Sistina Software <[email protected]>
description: device-mapper multipath target
retpoline: Y
rhelversion: 7.6
srcversion: 985A03DCAF053D4910E53EE
depends: dm-mod
intree: Y
vermagic: 3.10.0-957.12.2.el7.x86_64 SMP mod_unload modversions
signer: CentOS Linux kernel signing key
sig_key: A3:2D:39:46:F2:D3:58:EA:52:30:1F:63:37:8A:37:A5:54:03:00:45
sig_hashalgo: sha256Ka anyị lelee ozi nchịkọta gbasara nhazi multipath dị adị:
mpathconf
multipath is enabled
find_multipaths is disabled
user_friendly_names is disabled
dm_multipath module is loaded
multipathd is runningMgbe itinyechara LUN ọhụrụ na sistemụ nchekwa wee gosi ya onye ọbịa, ịkwesịrị inyocha HBA ndị ejikọrọ na onye ọbịa na ya.
systemctl reload multipathd
multipath -v2N'ikpeazụ, anyị na-enyocha ma e gosipụtara LUN niile na usoro nchekwa maka ndị ọbịa, yana ma enwere ụzọ abụọ na ha niile.
Na-enyocha ọrụ MP:
multipath -ll
3600a098000e4b4b3000003175cec1840 dm-2 DELL ,MD38xxf
size=2.0T features='3 queue_if_no_path pg_init_retries 50' hwhandler='1 rdac' wp=rw
|-+- policy='service-time 0' prio=14 status=active
| `- 15:0:0:1 sdb 8:16 active ready running
`-+- policy='service-time 0' prio=9 status=enabled
`- 18:0:0:1 sdi 8:128 active ready running
3600a098000e4b48f000002ab5cec1921 dm-6 DELL ,MD38xxf
size=10T features='3 queue_if_no_path pg_init_retries 50' hwhandler='1 rdac' wp=rw
|-+- policy='service-time 0' prio=14 status=active
| `- 18:0:0:11 sdk 8:160 active ready running
`-+- policy='service-time 0' prio=9 status=enabled
`- 15:0:0:11 sdd 8:48 active ready running
3600a098000e4b4b3000003c95d171065 dm-3 DELL ,MD38xxf
size=150G features='3 queue_if_no_path pg_init_retries 50' hwhandler='1 rdac' wp=rw
|-+- policy='service-time 0' prio=14 status=active
| `- 15:0:0:4 sdc 8:32 active ready running
`-+- policy='service-time 0' prio=9 status=enabled
`- 18:0:0:4 sdj 8:144 active ready runningDị ka ị pụrụ ịhụ, niile atọ mebere diski na nchekwa usoro na-ahụ n'akụkụ abụọ ụzọ. Ya mere, arụchara ọrụ nkwadebe niile, nke pụtara na ị nwere ike ịga n'ihu na akụkụ bụ isi - ịmepụta ụyọkọ oVirt, nke a ga-atụle n'isiokwu na-esonụ.
isi: www.habr.com