标签:ovs -- ip exit INTERFACE docker port vxlan
#!/bin/bash
#安装Docker
echo "nameserver 114.114.114.114">/etc/resolv.conf
rm -rf /var/lib/docker
yum remove docker \
docker-client \
docker-client-latest \
docker-common \
docker-latest \
docker-latest-logrotate \
docker-logrotate \
docker-engine -y
yum install -y yum-utils
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce docker-ce-cli containerd.io
systemctl restart docker
systemctl enable docker
#指定安装docker版本
#yum list docker-ce --showduplicates | sort -r
# yum install -y docker-ce-<VERSION_STRING> docker-ce-cli-<VERSION_STRING> containerd.io
docker pull ubuntu
docker image
docker ps
cat>>/usr/local/bin/rmContainer<<'EOF'
#!/bin/bash
ContainerList=$(docker ps | tail -n +2 | awk '{print $1}')
for i in $ContainerList
do
docker rm $i -f &>/dev/null
done
docker ps
EOF
cat>>/usr/local/bin/creContainer<<'EOF'
#!/bin/bash
ContainerList=$(docker ps | tail -n +2 | awk '{print $1}')
Image=92c527af7889
i=1
var=$1
total=$2
while [[ $i -le $total ]]
do
docker run -itd --net=none --privileged --name $var$i $Image &>/dev/null
let i++
done
docker ps
EOF
chmod 777 /usr/local/bin/*
#安装ovs-vsctl
echo "nameserver 114.114.114.114">/etc/resolv.conf
yum install -y centos-release-openstack-train
systemctl stop NetworkManager && systemctl disable NetworkManager
yum install -y libmlx5 libibverbs libmlx4 libibverbs bridge-utils openvswitch-2.12.0-1.el7.x86_64
systemctl enable openvswitch && systemctl start openvswitch
clear
echo
ovs-vsctl show
#安装ovs-docker
cat>>/usr/local/bin/ovs-docker<<'EOF'
#!/bin/bash
# Copyright (C) 2014 Nicira, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Check for programs we'll need.
search_path () {
save_IFS=$IFS
IFS=:
for dir in $PATH; do
IFS=$save_IFS
if test -x "$dir/$1"; then
return 0
fi
done
IFS=$save_IFS
echo >&2 "$0: $1 not found in \$PATH, please install and try again"
exit 1
}
ovs_vsctl () {
ovs-vsctl --timeout=60 "$@"
}
create_netns_link () {
mkdir -p /var/run/netns
if [ ! -e /var/run/netns/"$PID" ]; then
ln -s /proc/"$PID"/ns/net /var/run/netns/"$PID"
trap 'delete_netns_link' 0
for signal in 1 2 3 13 14 15; do
trap 'delete_netns_link; trap - $signal; kill -$signal $$' $signal
done
fi
}
delete_netns_link () {
rm -f /var/run/netns/"$PID"
}
get_port_for_container_interface () {
CONTAINER="$1"
INTERFACE="$2"
PORT=`ovs_vsctl --data=bare --no-heading --columns=name find interface \
external_ids:container_id="$CONTAINER" \
external_ids:container_iface="$INTERFACE"`
if [ -z "$PORT" ]; then
echo >&2 "$UTIL: Failed to find any attached port" \
"for CONTAINER=$CONTAINER and INTERFACE=$INTERFACE"
fi
echo "$PORT"
}
add_port () {
BRIDGE="$1"
INTERFACE="$2"
CONTAINER="$3"
if [ -z "$BRIDGE" ] || [ -z "$INTERFACE" ] || [ -z "$CONTAINER" ]; then
echo >&2 "$UTIL add-port: not enough arguments (use --help for help)"
exit 1
fi
shift 3
while [ $# -ne 0 ]; do
case $1 in
--ipaddress=*)
ADDRESS=`expr X"$1" : 'X[^=]*=\(.*\)'`
shift
;;
--macaddress=*)
MACADDRESS=`expr X"$1" : 'X[^=]*=\(.*\)'`
shift
;;
--gateway=*)
GATEWAY=`expr X"$1" : 'X[^=]*=\(.*\)'`
shift
;;
--mtu=*)
MTU=`expr X"$1" : 'X[^=]*=\(.*\)'`
shift
;;
*)
echo >&2 "$UTIL add-port: unknown option \"$1\""
exit 1
;;
esac
done
# Check if a port is already attached for the given container and interface
PORT=`get_port_for_container_interface "$CONTAINER" "$INTERFACE" \
2>/dev/null`
if [ -n "$PORT" ]; then
echo >&2 "$UTIL: Port already attached" \
"for CONTAINER=$CONTAINER and INTERFACE=$INTERFACE"
exit 1
fi
if ovs_vsctl br-exists "$BRIDGE" || \
ovs_vsctl add-br "$BRIDGE"; then :; else
echo >&2 "$UTIL: Failed to create bridge $BRIDGE"
exit 1
fi
if PID=`docker inspect -f '{{.State.Pid}}' "$CONTAINER"`; then :; else
echo >&2 "$UTIL: Failed to get the PID of the container"
exit 1
fi
create_netns_link
# Create a veth pair.
ID=`uuidgen | sed 's/-//g'`
PORTNAME="${ID:0:13}"
ip link add "${PORTNAME}_l" type veth peer name "${PORTNAME}_c"
# Add one end of veth to OVS bridge.
if ovs_vsctl --may-exist add-port "$BRIDGE" "${PORTNAME}_l" \
-- set interface "${PORTNAME}_l" \
external_ids:container_id="$CONTAINER" \
external_ids:container_iface="$INTERFACE"; then :; else
echo >&2 "$UTIL: Failed to add "${PORTNAME}_l" port to bridge $BRIDGE"
ip link delete "${PORTNAME}_l"
exit 1
fi
ip link set "${PORTNAME}_l" up
# Move "${PORTNAME}_c" inside the container and changes its name.
ip link set "${PORTNAME}_c" netns "$PID"
ip netns exec "$PID" ip link set dev "${PORTNAME}_c" name "$INTERFACE"
ip netns exec "$PID" ip link set "$INTERFACE" up
if [ -n "$MTU" ]; then
ip netns exec "$PID" ip link set dev "$INTERFACE" mtu "$MTU"
fi
if [ -n "$ADDRESS" ]; then
ip netns exec "$PID" ip addr add "$ADDRESS" dev "$INTERFACE"
fi
if [ -n "$MACADDRESS" ]; then
ip netns exec "$PID" ip link set dev "$INTERFACE" address "$MACADDRESS"
fi
if [ -n "$GATEWAY" ]; then
ip netns exec "$PID" ip route add default via "$GATEWAY"
fi
}
del_port () {
BRIDGE="$1"
INTERFACE="$2"
CONTAINER="$3"
if [ "$#" -lt 3 ]; then
usage
exit 1
fi
PORT=`get_port_for_container_interface "$CONTAINER" "$INTERFACE"`
if [ -z "$PORT" ]; then
exit 1
fi
ovs_vsctl --if-exists del-port "$PORT"
ip link delete "$PORT"
}
del_ports () {
BRIDGE="$1"
CONTAINER="$2"
if [ "$#" -lt 2 ]; then
usage
exit 1
fi
PORTS=`ovs_vsctl --data=bare --no-heading --columns=name find interface \
external_ids:container_id="$CONTAINER"`
if [ -z "$PORTS" ]; then
exit 0
fi
for PORT in $PORTS; do
ovs_vsctl --if-exists del-port "$PORT"
ip link delete "$PORT"
done
}
set_vlan () {
BRIDGE="$1"
INTERFACE="$2"
CONTAINER_ID="$3"
VLAN="$4"
if [ "$#" -lt 4 ]; then
usage
exit 1
fi
PORT=`get_port_for_container_interface "$CONTAINER_ID" "$INTERFACE"`
if [ -z "$PORT" ]; then
exit 1
fi
ovs_vsctl set port "$PORT" tag="$VLAN"
}
usage() {
cat << EOF
${UTIL}: Performs integration of Open vSwitch with Docker.
usage: ${UTIL} COMMAND
Commands:
add-port BRIDGE INTERFACE CONTAINER [--ipaddress="ADDRESS"]
[--gateway=GATEWAY] [--macaddress="MACADDRESS"]
[--mtu=MTU]
Adds INTERFACE inside CONTAINER and connects it as a port
in Open vSwitch BRIDGE. Optionally, sets ADDRESS on
INTERFACE. ADDRESS can include a '/' to represent network
prefix length. Optionally, sets a GATEWAY, MACADDRESS
and MTU. e.g.:
${UTIL} add-port br-int eth1 c474a0e2830e
--ipaddress=192.168.1.2/24 --gateway=192.168.1.1
--macaddress="a2:c3:0d:49:7f:f8" --mtu=1450
del-port BRIDGE INTERFACE CONTAINER
Deletes INTERFACE inside CONTAINER and removes its
connection to Open vSwitch BRIDGE. e.g.:
${UTIL} del-port br-int eth1 c474a0e2830e
del-ports BRIDGE CONTAINER
Removes all Open vSwitch interfaces from CONTAINER. e.g.:
${UTIL} del-ports br-int c474a0e2830e
set-vlan BRIDGE INTERFACE CONTAINER VLAN
Configures the INTERFACE of CONTAINER attached to BRIDGE
to become an access port of VLAN. e.g.:
${UTIL} set-vlan br-int eth1 c474a0e2830e 5
Options:
-h, --help display this help message.
\EOF
}
UTIL=$(basename $0)
search_path ovs-vsctl
search_path docker
search_path uuidgen
if (ip netns) > /dev/null 2>&1; then :; else
echo >&2 "$UTIL: ip utility not found (or it does not support netns),"\
"cannot proceed"
exit 1
fi
if [ $# -eq 0 ]; then
usage
exit 0
fi
case $1 in
"add-port")
shift
add_port "$@"
exit 0
;;
"del-port")
shift
del_port "$@"
exit 0
;;
"del-ports")
shift
del_ports "$@"
exit 0
;;
"set-vlan")
shift
set_vlan "$@"
exit 0
;;
-h | --help)
usage
exit 0
;;
*)
echo >&2 "$UTIL: unknown command \"$1\" (use --help for help)"
exit 1
;;
esac
EOF
chmod 777 /usr/local/bin/*
标签:ovs,--,ip,exit,INTERFACE,docker,port,vxlan 来源: https://www.cnblogs.com/vmsysjack/p/16678009.html
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。