Nutanix CE ce-2018.01.31-stable から、デフォルトのブリッジ構成が 大きく変更されました。これは以前のブリッジ構成に変更することもできます。
ce-2018.01.31-stable のブリッジの様子は、下記のようになっています。
商用版 Nutanix のドキュメントをもとに、「support for network function VMs」を無効化して、以前のブリッジ構成に戻してみます。(ただし今回の CE は AOS 5.5 想定ですが、このドキュメントは AOS 5.6 のものです)
今回の Nutanix CE のバージョンです。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ cat /etc/nutanix/release_version el7.3-release-ce-2018.01.31-stable-c3b9964290bf2f28799481fed5cf32f92ab3dadc
変更前のネットワーク構成
ユーザ VM を1台だけ起動した状態にしてあります。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ acli vm.list VM name VM UUID vm01 460c2689-2f01-4424-b70b-831942bdcfe3
この VM は nw-vlan-1011-br1 ネットワークに接続されています。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ acli vm.nic_list vm01 Mac Address IP Address Network UUID Network Name 50:6b:8d:0b:99:4c ee32a361-e52a-4f99-834d-041e27394811 nw-vlan-1011-br1
この VM のネットワーク nw-vlan-1011-br1 は、br1 ブリッジが割り当てられています。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ acli net.get nw-vlan-1011-br1 nw-vlan-1011-br1 { identifier: 1011 logical_timestamp: 2 name: "nw-vlan-1011-br1" type: "kBridged" uuid: "ee32a361-e52a-4f99-834d-041e27394811" vswitch_name: "br1" }
ちなみにこの VM は、下記の投稿で見ていた VM です。
CVM から manage_ovs でブリッジを表示しても、機能が有効なのか、無効なのか判別できません。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ manage_ovs show_bridges Bridges: br1 br0
今回は 4ノード クラスタなので、他のノードでも確認しておきます。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ allssh manage_ovs show_bridges ================== 192.168.1.185 ================= Bridges: br1 br0 ================== 192.168.1.186 ================= Bridges: br1 br0 ================== 192.168.1.187 ================= Bridges: br1 br0 ================== 192.168.1.188 ================= Bridges: br1 br0
そこで、AHV からブリッジの様子を確認しておきます。設定変更前は、br1.local に vm01 の vNIC(tap0)が接続されています。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ hostssh "ovs-vsctl show | grep -e Bridge -e tap" ============= 192.168.1.184 ============ Bridge br.dmx Bridge br.microseg Bridge br.mx Bridge br.nf Bridge "br1" Bridge "br0.local" Bridge "br0" Bridge "br1.local" ============= 192.168.1.183 ============ Bridge "br0.local" Bridge br.mx Bridge br.microseg Bridge br.dmx Bridge "br0" Bridge br.nf Bridge "br1" Bridge "br1.local" ============= 192.168.1.182 ============ Bridge br.microseg Bridge "br1" Bridge br.dmx Bridge "br0.local" Bridge "br0" Bridge "br1.local" Bridge br.nf Bridge br.mx ============= 192.168.1.181 ============ Bridge "br0.local" Bridge br.mx Bridge "br1.local" Port "tap0" Interface "tap0" Bridge "br0" Bridge br.nf Bridge br.microseg Bridge br.dmx Bridge "br1"
support for network function VMs の無効化(disable_bridge_chain)
まず 1ノードだけ、disable_bridge_chain で無効化してみます。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ manage_ovs disable_bridge_chain
manage_ovs から見ても、特に変化はありません。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ allssh manage_ovs show_bridges ================== 192.168.1.185 ================= Bridges: br1 br0 ================== 192.168.1.186 ================= Bridges: br1 br0 ================== 192.168.1.187 ================= Bridges: br1 br0 ================== 192.168.1.188 ================= Bridges: br1 br0
AHV の ovs-vsctl show コマンドで確認すると、コマンドを実行した AHV(CVM 192.168.1.185 が起動している AHV 192.168.1.181)だけ、ブリッジが以前の構成に戻っています。ユーザ VM の tap も、自動的に br1.local から br1 に付け替えられました。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ hostssh "ovs-vsctl show | grep -e Bridge -e tap" ============= 192.168.1.184 ============ Bridge br.dmx Bridge br.microseg Bridge br.mx Bridge br.nf Bridge "br1" Bridge "br0.local" Bridge "br0" Bridge "br1.local" ============= 192.168.1.183 ============ Bridge "br0.local" Bridge br.mx Bridge br.microseg Bridge br.dmx Bridge "br0" Bridge br.nf Bridge "br1" Bridge "br1.local" ============= 192.168.1.182 ============ Bridge br.microseg Bridge "br1" Bridge br.dmx Bridge "br0.local" Bridge "br0" Bridge "br1.local" Bridge br.nf Bridge br.mx ============= 192.168.1.181 ============ Bridge "br0" Bridge "br1" Port "tap0" Interface "tap0"
grep なしでの、ovs-vsctl show 出力です。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ ssh root@192.168.5.1 ovs-vsctl show FIPS mode initialized e97f53fc-c1c9-499f-bc14-f4768401d8b0 Bridge "br0" Port "br0-up" Interface "ens224" Interface "ens192" Port "br0-dhcp" Interface "br0-dhcp" type: vxlan options: {key="1", remote_ip="192.168.1.188"} Port "br0" Interface "br0" type: internal Port "br0-arp" Interface "br0-arp" type: vxlan options: {key="1", remote_ip="192.168.5.2"} Port "vnet0" Interface "vnet0" Bridge "br1" Port "br1-arp" Interface "br1-arp" type: vxlan options: {key="2", remote_ip="192.168.5.2"} Port "br1" Interface "br1" type: internal Port "br1-dhcp" Interface "br1-dhcp" type: vxlan options: {key="2", remote_ip="192.168.1.188"} Port "br1-up" Interface "ens256" Interface "ens161" Port "tap0" tag: 1011 Interface "tap0" ovs_version: "2.5.2"
すべてのノードで Bridge Chain を無効化します。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ allssh manage_ovs disable_bridge_chain ================== 192.168.1.185 ================= ================== 192.168.1.186 ================= ================== 192.168.1.187 ================= ================== 192.168.1.188 =================
すべてのノードで AHV のブリッジ構成が変更されました。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ hostssh "ovs-vsctl show | grep -e Bridge -e tap" ============= 192.168.1.184 ============ Bridge "br1" Bridge "br0" ============= 192.168.1.183 ============ Bridge "br0" Bridge "br1" ============= 192.168.1.182 ============ Bridge "br1" Bridge "br0" ============= 192.168.1.181 ============ Bridge "br0" Bridge "br1" Port "tap0" Interface "tap0"
support for network function VMs の有効化(enable_bridge_chain)
ブリッジ構成は、enable_bridge_chain で元に戻すこともできます。ちなみにコマンド実行中に Nutanix クラスタ外部のマシンからユーザ VM に ping を実行していたところ、特にネットワーク断は見受けられませんでした。
nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ allssh manage_ovs enable_bridge_chain ================== 192.168.1.185 ================= ================== 192.168.1.186 ================= ================== 192.168.1.187 ================= ================== 192.168.1.188 ================= nutanix@NTNX-54e60e4a-A-CVM:192.168.1.185:~$ hostssh "ovs-vsctl show | grep -e Bridge -e tap" ============= 192.168.1.184 ============ Bridge "br1" Bridge br.dmx Bridge "br0" Bridge br.mx Bridge "br0.local" Bridge br.nf Bridge "br1.local" Bridge br.microseg ============= 192.168.1.183 ============ Bridge "br1.local" Bridge br.mx Bridge br.dmx Bridge "br0" Bridge br.microseg Bridge br.nf Bridge "br1" Bridge "br0.local" ============= 192.168.1.182 ============ Bridge "br1" Bridge br.microseg Bridge "br1.local" Bridge br.nf Bridge br.dmx Bridge br.mx Bridge "br0.local" Bridge "br0" ============= 192.168.1.181 ============ Bridge br.microseg Bridge br.dmx Bridge br.nf Bridge "br0" Bridge br.mx Bridge "br0.local" Bridge "br1" Bridge "br1.local" Port "tap0" Interface "tap0"
以上。