Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1243247
  • 博文数量: 389
  • 博客积分: 2874
  • 博客等级: 少校
  • 技术积分: 3577
  • 用 户 组: 普通用户
  • 注册时间: 2009-10-24 10:34
文章分类

全部博文(389)

文章存档

2020年(2)

2018年(39)

2017年(27)

2016年(3)

2015年(55)

2014年(92)

2013年(54)

2012年(53)

2011年(64)

分类: 虚拟化

2014-10-15 11:43:20

点击(此处)折叠或打开

  1. [root@herge ~] yum update
  2. [root@herge ~] yum groupinstall "Development Tools"
  3. [root@herge ~] yum -y install openssl-devel kernel-devel
  4. [root@herge ~] su 其他用户
  5. [ovswitch@herge ~]$
  6. [ovswitch@herge ~]$ tar xfz openvswitch-2.1.2.tar.gz
  7. [ovswitch@herge ~]$ mkdir -p ~/rpmbuild/SOURCES
参考
修改 spice 文件 rhel/openvswitch.spec
将22行 Requires: openvswitch-kmod, logrotate, python
改为     Requires: logrotate, python
rpmbuild -bb ~/openvswitch-2.1.2/rhel/openvswitch.spec

kmod 模块不用编译 centos7 的 3.10内核已经自带了,之前还费劲编了一通。
直接modprobe openvswitch就可以了。

将鬼子那篇文章放上来,因为打开太慢,有时间看看

		

Well, summer is ending, but the summer brought us CentOS 7 and Openvswitch 2.3 Long-Term Support.

Openvswitch’s kernel module is already available in CentOS 7’s 3.10 kernel (also for CentOS 6) so this time I’m only preparing the rpm package to install the command-line tools (e.g ovs-vsctl). I’ve found some issues with CentOS 7 and Openvswitch 2.3.0 version but maybe they will be solved in the future and the rpm generation will be easy as always thanks to Nicira. In any case I’m offering you this post, maybe it can help you.

Let’s start. For the first part we’re creating a user and downloading openvswitch as we’ve done with previous Openvswitch releases.

[root@herge ~] yum -y install wget openssl-devel kernel-devel
[root@herge ~] yum groupinstall "Development Tools"
[root@herge ~] adduser ovswitch
[root@herge ~] su - ovswitch
[ovswitch@herge ~]$ wget [ovswitch@herge ~]$ tar xfz openvswitch-2.3.0.tar.gz
[ovswitch@herge ~]$ mkdir -p ~/rpmbuild/SOURCES

Now we’re removing the openvswitch-kmod package dependency from the spec file offered by Nicira and create a new spec file.

[ovswitch@herge ~]$ sed 's/openvswitch-kmod, //g' openvswitch-2.3.0/rhel/openvswitch.spec > openvswitch-2.3.0/rhel/openvswitch_no_kmod.spec

OK. Now we have two options. In the first one I create the package without tests… I don’t like it but if you can’t be patient…. Option 2 is the one I prefer, I’ll try to contact openvswitch developers so they can apply the change I suggest.

  1. Let’s create the openvswitch rpm package but we’re going to skip the tests. Be warned I don’t know if openvswitch package will work 100%, I haven’t tested, but the rpm will be generated and you should be able to install it. That’s the end of this option, jump to the final section where we start the openvswitch service.
    [ovswitch@herge ~]$ rpmbuild -bb --without check ~/openvswitch-2.3.0/rhel/openvswitch_no_kmod.spec
    [ovswitch@herge ~]$ exit
    [root@herge ~] yum localinstall /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.3.0-1.x86_64.rpm
  2. Let’s create the rpm package but first we’re going to solve the tests issue. If you run the rpmbuild -bb you may find errors about some tests failing. The tests fail because an SSL issue. It seems that ovs-pki tool generates certificates using MD5 which is considered an insecure algorithm and the error: SSL_connect error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm will be logged. We’re going to change a file so we can run the tests, install the package. If you’ve disabled SELinux jump to the final section, if not continue reading.
    [ovswitch@herge ~]$ rm openvswitch-2.3.0.tar.gz
    [ovswitch@herge ~]$ mv openvswitch-2.3.0/utilities/ovs-pki.in openvswitch-2.3.0/utilities/ovs-pki.tmp
    [ovswitch@herge ~]$ sed 's/md5/sha1/g' openvswitch-2.3.0/utilities/ovs-pki.tmp > openvswitch-2.3.0/utilities/ovs-pki.in
    [ovswitch@herge ~]$ tar czvf ~/rpmbuild/SOURCES/openvswitch-2.3.0.tar.gz openvswitch-2.3.0/
    [ovswitch@herge ~]$ rpmbuild -bb ~/openvswitch-2.3.0/rhel/openvswitch_no_kmod.spec
    [ovswitch@herge ~]$ exit
    [root@herge ~] yum localinstall /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.3.0-1.x86_64.rpm

    I like SELinux so I try keep it enabled and play with setroubleshoot and sealert to find a way to solve SELinux issues. If you try to start the service you’ll find some errors: install: cannot change owner and permissions of ‘/etc/openvswitch': No such file or directory and Creating empty database /etc/openvswitch/conf.db ovsdb-tool: I/O error: /etc/openvswitch/conf.db: failed to lock lockfile (No such file or directory). This is how I solved them:

    [root@herge ~] mkdir /etc/openvswitch
    [root@herge ~] semanage fcontext -a -t openvswitch_rw_t "/etc/openvswitch(/.*)?"
    [root@herge ~] restorecon -Rv /etc/openvswitch

Final section! We’ve created the rpm package so we’re going to start the openvswitch service using systemctl! the new way to start and stop services.

[root@herge ~]# systemctl start openvswitch.service [root@herge ~]# systemctl -l status openvswitch.service openvswitch.service - LSB: Open vSwitch switch
Loaded: loaded (/etc/rc.d/init.d/openvswitch) Active: active (running) since jue 2014-09-04 20:07:02 CEST; 4s ago Process: 5419 ExecStop=/etc/rc.d/init.d/openvswitch stop (code=exited, status=0/SUCCESS)
Process: 5474 ExecStart=/etc/rc.d/init.d/openvswitch start (code=exited, status=0/SUCCESS)
CGroup: /system.slice/openvswitch.service
├─5496 ovsdb-server: monitoring pid 5497 (healthy) 
├─5497 ovsdb-server /etc/openvswitch/conf.db -vconsole:emer -vsyslog:err -vfile:info --remote=punix:/var/run/openvswitch/db.sock --private-key=db:Open_vSwitch,SSL,private_key --certificate=db:Open_vSwitch,SSL,certificate --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert --no-chdir --log-file=/var/log/openvswitch/ovsdb-server.log --pidfile=/var/run/openvswitch/ovsdb-server.pid --detach --monitor
├─5506 ovs-vswitchd: monitoring pid 5507 (healthy) 
└─5507 ovs-vswitchd unix:/var/run/openvswitch/db.sock -vconsole:emer -vsyslog:err -vfile:info --mlockall --no-chdir --log-file=/var/log/openvswitch/ovs-vswitchd.log --pidfile=/var/run/openvswitch/ovs-vswitchd.pid --detach --monitor
sep 04 20:07:02 herge.artemit.com.es systemd[1]: Starting LSB: Open vSwitch switch... sep 04 20:07:02 herge.artemit.com.es openvswitch[5474]: Starting ovsdb-server [ OK ] sep 04 20:07:02 herge.artemit.com.es ovs-vsctl[5498]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait -- init -- set Open_vSwitch . db-version=7.6.0
sep 04 20:07:02 herge.artemit.com.es ovs-vsctl[5503]: ovs|00001|vsctl|INFO|Called as ovs-vsctl --no-wait set Open_vSwitch . ovs-version=2.3.0 "external-ids:system-id=\"4f7759f2-19e9-4be0-8960-c19c124a4528\"" "system-type=\"unknown\"" "system-version=\"unknown\""
sep 04 20:07:02 herge.artemit.com.es openvswitch[5474]: Configuring Open vSwitch system IDs [ OK ] sep 04 20:07:02 herge.artemit.com.es openvswitch[5474]: Starting ovs-vswitchd [ OK ] sep 04 20:07:02 herge.artemit.com.es openvswitch[5474]: Enabling remote OVSDB managers [ OK ] 

And, openvswitch 2.3.0 tools are ready in my CentOS 7 host. If you’ve doubts about using the kernel module and not compiling the openvswitch kernel mode please .

Thanks for reading!



阅读(2224) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~