Difference between pages "Open vSwitch" and "Installing a Cron Daemon"

From Funtoo
(Difference between pages)
Jump to navigation Jump to search
(update)
 
(fill out page)
 
Line 1: Line 1:
== Open vSwitch ==
== Introduction ==
Cron daemons allow you to configure certain tasks to be run at specific times. Installing a cron daemon is a good idea because some packages may assume that you have a cron daemon installed and create jobs to update their databases with a cron daemon. There are several different loggers available to Funtoo users:
* '''Fcron'''
* '''Cronie'''
* '''Vixie-Cron'''


Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
== Installation ==
To install the cron daemon, run the following command:
<console>
# ##i## emerge --ask fcron


=== Features ===
These are the packages that would be merged, in order:


The current stablerelease of Open vSwitch (version 1.4.0) supports the following features:
Calculating dependencies... done!
[ebuild  N    ] sys-process/cronbase-0.3.2-r1
[ebuild  N    ] sys-process/fcron-3.1.2-r2  USE="mta pam readline system-crontab -debug (-selinux)" LINGUAS="-fr"


* Visibility into inter-VM communication via NetFlow, sFlow(R), SPAN, RSPAN, and GRE-tunneled mirrors
##b## Would you like to merge these packages? [Yes/No]##i## yes
* LACP (IEEE 802.1AX-2008)
</console>
* Standard 802.1Q VLAN model with trunking
* A subset of 802.1ag CCM link monitoring
* STP (IEEE 802.1D-1998)
* Fine-grained min/max rate QoS
* Support for HFSC qdisc
* Per VM interface traffic policing
* NIC bonding with source-MAC load balancing, active backup, and L4 hashing
* OpenFlow protocol support (including many extensions for virtualization)
* IPv6 support
* Multiple tunneling protocols (Ethernet over GRE, CAPWAP, IPsec, GRE over IPsec)
* Remote configuration protocol with local python bindings
* Compatibility layer for the Linux bridging code
* Kernel and user-space forwarding engine options
* Multi-table forwarding pipeline with flow-caching engine
* Forwarding layer abstraction to ease porting to new software and hardware platforms


== Configuring Open vSwitch ==
Now enable the cron init script so that is starts when your system boots, and enable the cron daemon:


Open vSwitch needs to be compiled with the kernel modules (modules USE flag) for kernel versions <3.3, since 3.3.0 it is included in the kernel as a module named "Open vSwitch" and can be found in kernel at '''Networking Support -> Networking Options -> Open vSwitch'''. Then just emerge openvswitch with
<console>
# ##i##rc-update add fcron default
* service fcron added to runlevel default
# ##i##rc
* Caching service dependencies ...              [ ok ]
* Starting fcron ...                           [ ok ]
</console>


<pre>
=== System Cron Jobs ===
# emerge -avt openvswitch
</pre>


== Using Open vSwitch ==
After the cron daemon has been emerged, you may see a message to run <tt>emerge --config</tt> to configure your cron daemon to process system cron jobs. System cron jobs are scripts that are installed by various packages into the following directories:


These Configs are taken from the Open vSwitch website at http://openvswitch.org and adjusted to funtoo's needs
* <tt>/etc/cron.hourly</tt>
* <tt>/etc/cron.daily</tt>
* <tt>/etc/cron.weekly</tt>
* <tt>/etc/cron.monthly</tt>


=== VLANs ===
For example, you should find a <tt>/etc/cron.daily/man-db</tt> script that is installed by the <tt>man-db</tt> ebuild. This system cron job updates the man cache every day.


==== Setup ====
You may choose to enable your cron daemon so that it runs system cron jobs, or choose not to. Enabling a cron daemon to run system cron jobs will result in a bit more activity on your system, but should ensure that the system runs more optimally most of the time (caching of man pages, etc.)


* Two Physical Networks
If you would like to have your system run system cron jobs, use <tt>emerge --config</tt> as specified in the emerge output:
** Data Network: Eternet network for VM data traffic, which will carry VLAN tagged traffic between VMs. Your physical switch(es) must be capable of forwarding VLAN tagged traffic and the physical switch ports should be VLAN trunks (Usually this is default behavior. Configuring your physical switching hardware is beyond the scope of this document).
** Management Network: This network is not strictly required, but it is a simple way to give the physical host an IP address for remote access, since an IP address cannot be assigned directly to eth0.
* Two Physical Hosts
Host1, Host2. Both hosts are running Open vSwitch. Each host has two NICs:
** eth0 is connected to the Data Network. No IP address can be assigned on eth0
** eth1 is connected to the Management Network (if necessary). eth1 has an IP address that is used to reach the physical host for management.
* Four VMs
VM1, VM2 run on Host1. VM3, VM4 run on Host2.
Each VM has a single interface that appears as a Linux device (e.g., "tap0") on the physical host. (Note: for Xen/XenServer, VM interfaces appear as Linux devices with names like "vif1.0").
[[image:2host-4vm.png]]


==== Goal ====
<console>
# ##i##emerge --config sys-process/fcron
Configuring pkg... * This is going to set up fcron to execute check_system_crontabs. * In this configuration, you're no longer free to edit the systab * at your leisure, at it'll be rewritten the moment the crontabs * are modified.Rebuilding fcron systab.2013-10-19 21:20:38  INFO installing file /tmp/fcrontab.84pova for user systabModifications will be taken into account right now.</console>


Isolate VMs using VLANs on the Data Network.
Your cron daemon is now configured to automatically run system cron jobs.
VLAN1: VM1, VM3
VLAN2: VM2, VM4


==== Configuration ====
[[Category:System]]
Perform the following configuration on Host1:
# Create an OVS bridge <pre>ovs-vsctl add-br br0</pre>
# Add eth0 to the bridge (by default, all OVS ports are VLAN trunks, so eth0 will pass all VLANs) <pre>ovs-vsctl add-port br0 eth0</pre>
# Add VM1 as an "access port" on VLAN1 <pre>ovs-vsctl add-port br0 tap0 tag=1</pre>
# Add VM2 on VLAN2 <pre>ovs-vsctl add-port br0 tap0 tag=2</pre>
On Host2, repeat the same configuration to setup a bridge with eth0 as a trunk <pre>ovs-vsctl add-br br0
ovs-vsctl add-port br0 eth0</pre>
# Add VM3 to VLAN1 <pre>ovs-vsctl add-port br0 tap0 tag=1</pre>
# Add VM4 to VLAN2 <pre>ovs-vsctl add-port br0 tap0 tag=2</pre>
 
=== sFlow ===
This will setup a VM traffic Monitor using sFlow.
==== Setup ====
* Two Physical Networks
** Data Network: Eternet network for VM data traffic.
** Management Network: This network must exist, as it is used to send sFlow data from the agent to the remote collector.
* Two Physical Hosts
** Host1 runs Open vSwitch and has two NICs:
*** eth0 is connected to the Data Network. No IP address can be assigned on eth0.
*** eth1 is connected to the Management Network. eth1 has an IP address for management traffic (including sFlow).
** Monitoring Host can be any computer that run the sFlow collector. Here we use [http://www.inmon.com/products/sFlowTrend.php sFlowTrend], a free sFlow collector, a simple cross-platform Java tool. Other sFlow collectors should work equally well.
*** eth0 is connected to the Management Netowrk: eth0 has an IP address that can reach Host1.
* Two VMs
VM1, VM2 run on Host1. Each VM has a single interface that appears as a Linux device (e.g., "tap0") on the physical host. (Note: same for Xen/XenServer as in the VLANs section.)
[[image:sflow-setup.png]]
 
==== Goal ====
Monitor traffic sent to/from VM1 and VM2 on the Data network using an sFlow collector.
 
==== Configuration ====
Define the following configuration values in your shell environment. The default port for sFlowTrend is 6343. You will want to set your own IP address for the collector in the place of 10.0.0.1. Setting the AGENT_IP value to eth1 indicates that the sFlow agent should send traffic from eth1's IP address. The other values indicate settings regarding the frequency and type of packet sampling that sFlow should perform.
<pre>
# export COLLECTOR_IP=10.0.0.1
# export COLLECTOR_PORT=6343
# export AGENT_IP=eth1
# export HEADER_BYTES=128
# export SAMPLING_N=64
# export POLLING_SECS=10
</pre>
Run the following command to create an sFlow configuration and attach it to bridge br0:
<pre>
ovs-vsctl -- -id=@sflow create sflow agent=${AGENT_IP}  target=\”${COLLECTOR_IP}:${COLLECTOR_PORT}\” header=${HEADER_BYTES} sampling=${SAMPLING_N} polling=${POLLING_SECS} — set bridge br0 sflow=@sflow
</pre>
That is all. To configure sFlow on additional bridges, just replace "br0" in the above command with a different bridge name.
To remove sFlow configuration from a bridge (in this case, 'br0'), run:
<pre>
ovs-vsctl remove bridge br0 sflow $SFLOWUUID
</pre>
To see all current sets of sFlow configuration parameters, run:
<pre>
ovs-vsctl list sflow
</pre>
 
=== QoS Rate-limiting ===

Revision as of 21:27, October 19, 2013

Introduction

Cron daemons allow you to configure certain tasks to be run at specific times. Installing a cron daemon is a good idea because some packages may assume that you have a cron daemon installed and create jobs to update their databases with a cron daemon. There are several different loggers available to Funtoo users:

  • Fcron
  • Cronie
  • Vixie-Cron

Installation

To install the cron daemon, run the following command:

root #  emerge --ask fcron

These are the packages that would be merged, in order:

Calculating dependencies... done!
[ebuild  N     ] sys-process/cronbase-0.3.2-r1
[ebuild  N     ] sys-process/fcron-3.1.2-r2  USE="mta pam readline system-crontab -debug (-selinux)" LINGUAS="-fr" 

root ##b## Would you like to merge these packages? [Yes/No] yes

Now enable the cron init script so that is starts when your system boots, and enable the cron daemon:

root # rc-update add fcron default
* service fcron added to runlevel default
root # rc
 * Caching service dependencies ...              [ ok ]
 * Starting fcron ...                            [ ok ]

System Cron Jobs

After the cron daemon has been emerged, you may see a message to run emerge --config to configure your cron daemon to process system cron jobs. System cron jobs are scripts that are installed by various packages into the following directories:

  • /etc/cron.hourly
  • /etc/cron.daily
  • /etc/cron.weekly
  • /etc/cron.monthly

For example, you should find a /etc/cron.daily/man-db script that is installed by the man-db ebuild. This system cron job updates the man cache every day.

You may choose to enable your cron daemon so that it runs system cron jobs, or choose not to. Enabling a cron daemon to run system cron jobs will result in a bit more activity on your system, but should ensure that the system runs more optimally most of the time (caching of man pages, etc.)

If you would like to have your system run system cron jobs, use emerge --config as specified in the emerge output:

root # emerge --config sys-process/fcron
Configuring pkg... * This is going to set up fcron to execute check_system_crontabs. * In this configuration, you're no longer free to edit the systab * at your leisure, at it'll be rewritten the moment the crontabs * are modified.Rebuilding fcron systab.2013-10-19 21:20:38  INFO installing file /tmp/fcrontab.84pova for user systabModifications will be taken into account right now.

Your cron daemon is now configured to automatically run system cron jobs.