Loading... 某云中心计划采用3台龙芯服务器、2台华为光纤交换机与品高云平台实现系统搭建。由于品高云平台在适配龙芯平台时有两个要求,一是操作系统需要是longnix(大概当前基于CentOS 8.4版本),另一个是存算分离(存储单独3台服务器,计算单独3台服务器),所以本地部署将只实现云计算功能但不包括热迁移、分布式存储等。 配置需求: 1. 每台服务器2张光纤网卡,每张网卡2个10GE光口,每张出1个口作为管理用,每张出1个口作为业务用。 2. 服务器与交换机之间链路采用802.3ad作为链路捆绑协议。 服务器网卡顺序如下: ![2023-12-23T01:16:08.png][1] 拓扑图大致如下: ![2023-12-23T01:16:25.png][2] # 服务器1 bond1配置 ``` cd /etc/sysconfig/network-scripts mkdir bak cp * bak/ vi ifcfg-bond1 TYPE=bond NAME=bond1 BOOTPROTO=none ONBOOT=yes USECTRL=no DEVICE=bond1 IPADDR=172.16.18.1 NETMASK=255.255.255.0 GATEWAY=172.16.18.254 BONDING_OPTS="mode=4 miimon=100 lacp_rate=1" vi ifcfg-有线连接.1 BOOTPROTO=none USECTRL=no NAME="有线连接 1" UUID="xxx" DEVICE=enP1p3s0f0 ONBOOT=yes MASTER=bond1 SLAVE=yes vi ifcfg-有线连接.3 BOOTPROTO=none USECTRL=no NAME="有线连接 3" UUID="xxx" DEVICE=enP1p5s0f0 ONBOOT=yes MASTER=bond1 SLAVE=yes ``` # 服务器1 bond2配置 ``` cd /etc/sysconfig/network-scripts mkdir bak cp * bak/ vi ifcfg-bond2 TYPE=bond NAME=bond2 BOOTPROTO=none ONBOOT=yes USECTRL=no DEVICE=bond2 BONDING_OPTS="mode=4 miimon=100 lacp_rate=1" vi ifcfg-有线连接.2 BOOTPROTO=none USECTRL=no NAME="有线连接 2" UUID="xxx" DEVICE=enP1p3s0f1 ONBOOT=yes MASTER=bond1 SLAVE=yes vi ifcfg-有线连接.4 BOOTPROTO=none USECTRL=no NAME="有线连接 4" UUID="xxx" DEVICE=enP1p5s0f1 ONBOOT=yes MASTER=bond2 SLAVE=yes ``` ``` systemctl restart NetworkManager or reboot ``` 服务器2和服务器3配置类似以上两段。 # 交换机配置 ## 基础配置 ``` # 配置时区 clock timezone BJ add 08:00:00 # 配置系统名称 sysname xxx # 配置telnet server telnet ipv6 server disable telnet server-source all-interface undo telnet ipv6 server-source all-interface telnet server port 1025 stelnet server enable # 配置账号 aaa local-user test123 password irreversible-cipher Test123@1234 local-user test123 service-type ssh local-user test123 level 3 # 配置ssh server ssh server rsa-key min-length 3072 ssh server authentication-type keyboard-interactive enable ssh server-source all-interface undo ssh ipv6 server-source all-interface ssh authorization-type default aaa ssh server cipher aes256_gcm aes128_gcm aes256_ctr aes192_ctr aes128_ctr ssh server hmac sha2_512 sha2_256 ssh server key-exchange dh_group_exchange_sha256 curve25519_sha256 ssh server publickey rsa_sha2_256 rsa_sha2_512 ssh server dh-exchange min-len 3072 # 配置console user-interface con 0 authentication-mode password set authentication password cipher $1c$sT+SX8o)9G$i%J6N=|!rCrjR<Os86hQEZ&UO87Pj90,4u1lX%D=$ # 配置远程登录 user-interface vty 0 4 authentication-mode aaa user privilege level 3 ``` ## 堆叠配置 ``` stack # stack member 1 domain 10 stack member 1 priority 150 # stack member 2 domain 10 stack member 2 priority 120 interface 100GE1/0/1 port mode stack stack-port 1/1 port crc-statistics trigger error-down device transceiver 100GBASE-COPPER # interface 100GE1/0/2 port mode stack stack-port 1/1 port crc-statistics trigger error-down device transceiver 100GBASE-COPPER # interface 100GE2/0/1 port mode stack stack-port 2/1 port crc-statistics trigger error-down device transceiver 100GBASE-COPPER # interface 100GE2/0/2 port mode stack stack-port 2/1 port crc-statistics trigger error-down device transceiver 100GBASE-COPPER # ``` ## 链路绑定 ``` interface eth-trunk 1 port link-type access port default vlan 18 mode lacp-dynamic interface 25ge1/0/1 eth-trunk 1 mode 10GE interface 25ge2/0/1 eth-trunk 1 mode 10GE ``` 检查状态 ``` dis int eth-trunk brief ``` # 其他图片欣赏 ![2023-12-23T01:25:31.png][3] ![2023-12-23T01:26:45.png][4] ![2023-12-23T01:26:45.png][5] [1]: https://www.sddts.cn/usr/uploads/2023/12/2218358296.png [2]: https://www.sddts.cn/usr/uploads/2023/12/1863544113.png [3]: https://www.sddts.cn/usr/uploads/2023/12/3525784100.png [4]: https://www.sddts.cn/usr/uploads/2023/12/4250601493.png [5]: https://www.sddts.cn/usr/uploads/2023/12/4250601493.png 最后修改:2024 年 05 月 11 日 © 允许规范转载 赞 如果觉得我的文章对你有用,请随意赞赏