某云中心计划采用3台龙芯服务器、2台华为光纤交换机与品高云平台实现系统搭建。由于品高云平台在适配龙芯平台时有两个要求,一是操作系统需要是longnix(大概当前基于CentOS 8.4版本),另一个是存算分离(存储单独3台服务器,计算单独3台服务器),所以本地部署将只实现云计算功能但不包括热迁移、分布式存储等。
配置需求:
- 每台服务器2张光纤网卡,每张网卡2个10GE光口,每张出1个口作为管理用,每张出1个口作为业务用。
- 服务器与交换机之间链路采用802.3ad作为链路捆绑协议。
服务器网卡顺序如下:
拓扑图大致如下:
服务器1 bond1配置
cd /etc/sysconfig/network-scripts
mkdir bak
cp * bak/
vi ifcfg-bond1
TYPE=bond
NAME=bond1
BOOTPROTO=none
ONBOOT=yes
USECTRL=no
DEVICE=bond1
IPADDR=172.16.18.1
NETMASK=255.255.255.0
GATEWAY=172.16.18.254
BONDING_OPTS="mode=4 miimon=100 lacp_rate=1"
vi ifcfg-有线连接.1
BOOTPROTO=none
USECTRL=no
NAME="有线连接 1"
UUID="xxx"
DEVICE=enP1p3s0f0
ONBOOT=yes
MASTER=bond1
SLAVE=yes
vi ifcfg-有线连接.3
BOOTPROTO=none
USECTRL=no
NAME="有线连接 3"
UUID="xxx"
DEVICE=enP1p5s0f0
ONBOOT=yes
MASTER=bond1
SLAVE=yes
服务器1 bond2配置
cd /etc/sysconfig/network-scripts
mkdir bak
cp * bak/
vi ifcfg-bond2
TYPE=bond
NAME=bond2
BOOTPROTO=none
ONBOOT=yes
USECTRL=no
DEVICE=bond2
BONDING_OPTS="mode=4 miimon=100 lacp_rate=1"
vi ifcfg-有线连接.2
BOOTPROTO=none
USECTRL=no
NAME="有线连接 2"
UUID="xxx"
DEVICE=enP1p3s0f1
ONBOOT=yes
MASTER=bond1
SLAVE=yes
vi ifcfg-有线连接.4
BOOTPROTO=none
USECTRL=no
NAME="有线连接 4"
UUID="xxx"
DEVICE=enP1p5s0f1
ONBOOT=yes
MASTER=bond2
SLAVE=yes
systemctl restart NetworkManager
or
reboot
服务器2和服务器3配置类似以上两段。
交换机配置
基础配置
# 配置时区
clock timezone BJ add 08:00:00
# 配置系统名称
sysname xxx
# 配置telnet server
telnet ipv6 server disable
telnet server-source all-interface
undo telnet ipv6 server-source all-interface
telnet server port 1025
stelnet server enable
# 配置账号
aaa
local-user test123 password irreversible-cipher Test123@1234
local-user test123 service-type ssh
local-user test123 level 3
# 配置ssh server
ssh server rsa-key min-length 3072
ssh server authentication-type keyboard-interactive enable
ssh server-source all-interface
undo ssh ipv6 server-source all-interface
ssh authorization-type default aaa
ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr
ssh server hmac sha2_512 sha2_256
ssh server key-exchange dh_group_exchange_sha256 curve25519_sha256
ssh server publickey rsa_sha2_256 rsa_sha2_512
ssh server dh-exchange min-len 3072
# 配置console
user-interface con 0
authentication-mode password
set authentication password cipher $1c$sT+SX8o)9G$i%J6N=|!rCrjR<Os86hQEZ&UO87Pj90,4u1lX%D=$
# 配置远程登录
user-interface vty 0 4
authentication-mode aaa
user privilege level 3
堆叠配置
stack
#
stack member 1 domain 10
stack member 1 priority 150
#
stack member 2 domain 10
stack member 2 priority 120
interface 100GE1/0/1
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 100GBASE-COPPER
#
interface 100GE1/0/2
port mode stack
stack-port 1/1
port crc-statistics trigger error-down
device transceiver 100GBASE-COPPER
#
interface 100GE2/0/1
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 100GBASE-COPPER
#
interface 100GE2/0/2
port mode stack
stack-port 2/1
port crc-statistics trigger error-down
device transceiver 100GBASE-COPPER
#
链路绑定
interface eth-trunk 1
port link-type access
port default vlan 18
mode lacp-dynamic
interface 25ge1/0/1
eth-trunk 1
mode 10GE
interface 25ge2/0/1
eth-trunk 1
mode 10GE
检查状态
dis int eth-trunk brief