Nmcli

Nmcli
NetworkMana ger command line tool基于会话的网路管理

支持模式有
广播( broadcast ) - 容错。所有封包都通过所有Slave 接口广播
轮询( roundrobin ) - 以轮询的方式依次将请求调度不同的服务器，即每次调度执行i = (i + 1) mod n，并选出第i台服务器。算法的优点是其简洁性，它无需记录当前所有连接的状态，所以它是一种无状态调度。
主备( activebackup )容错。一次只能使用一个Slave 接口 , 但是如果该接口出现故障 , 另一个Slave 将 接替它
负载均衡（loadbalance）分摊到多个操作单元上进行执行
第一种配置team高可用
team配置网卡聚合链路
链路聚合是将两个或更多数据信道结合成一个单个的信道，该信道以一个单个的更高带宽的逻辑链路出现。链路聚合一般用来连接一个或多个带宽需求大的设备，例如连接骨干网络的服务器或服务器群。
自动获取ip
1、创建一个新连接，类型是team连接名称team0。
[root@localhost ~]# nmcli connection add type team con-name team0 ifname team0 config ‘{“runner”:{“name”:”activebackup“}}’
连接“team0”(e6f9a434-0942-415d-8384-83d4ccf7e9b9) 已成功添加。

activebackup表示热备，loadbalance表示负载均衡

[root@localhost ~]# nmcli connection show
名称 UUID 类型 设备
ens33 432f3686-5ce7-488a-af28-a5f0e8b14fc4 802-3-ethernet ens33
team0 e6f9a434-0942-415d-8384-83d4ccf7e9b9 team team0
virbr0 9268cc93-c2ca-49b5-8481-5e6a0d70d0c3 bridge virbr0
virbr0-nic 60ef8bb3-6d7a-419a-9331-4990c8c7d81a tun virbr0-nic
有线连接 1 9f4214e8-c52d-4698-afa5-7805087432b1 802-3-ethernet ens38
有线连接 2 5dfe9dff-22f3-4ef1-8513-c1ea97cbf498 802-3-ethernet ens39

2、master 配置好了，还得配置slave，即将eno38和eno39两块网卡加入到team0
[root@localhost ~]# nmcli connection add type team-slave con-name team0-port1 ifname ens38 master team0
连接“team0-port1”(75250597-a53b-4570-967e-e47f644874cc) 已成功添加。
[root@localhost ~]# nmcli connection add type team-slave con-name team0-port2 ifname ens39 master team0
连接“team0-port2”(dfa8b4f8-e54e-4ea6-9a75-67a423e57501) 已成功添加。
3、激活 team0-port1， team0-port2
[root@localhost ~]# nmcli connection up team0-port1
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/21）
[root@localhost ~]# nmcli connection up team0-port2
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/22）
4、执行nmcli connection show命令查看team0-port1和team0-port2的状态
[root@localhost ~]# nmcli connection show
名称 UUID 类型 设备
ens33 432f3686-5ce7-488a-af28-a5f0e8b14fc4 802-3-ethernet ens33
team0 e6f9a434-0942-415d-8384-83d4ccf7e9b9 team team0
team0-port1 75250597-a53b-4570-967e-e47f644874cc 802-3-ethernet ens38
team0-port2 dfa8b4f8-e54e-4ea6-9a75-67a423e57501 802-3-ethernet ens39
virbr0 9268cc93-c2ca-49b5-8481-5e6a0d70d0c3 bridge virbr0
virbr0-nic 60ef8bb3-6d7a-419a-9331-4990c8c7d81a tun virbr0-nic
有线连接 1 9f4214e8-c52d-4698-afa5-7805087432b1 802-3-ethernet –
有线连接 2 5dfe9dff-22f3-4ef1-8513-c1ea97cbf498 802-3-ethernet –
[root@localhost ~]# nmcli connection up team0
成功激活（主服务器等待从服务器）连接（D-Bus 激活路径：/org/freedesktop/NetworkManager/ActiveConnection/23）
5、看team0当前状态
[root@localhost ~]# teamdctl team0 state
setup:
runner: activebackup
ports:
ens38
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
ens39
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: ens39
6、测试
[root@localhost ~]# ping –I team0 192.168.223.132
PING 192.168.223.132 (192.168.223.132) 56(84) bytes of data.
64 bytes from 192.168.223.132: icmp_seq=1 ttl=64 time=0.029 ms
64 bytes from 192.168.223.132: icmp_seq=2 ttl=64 time=0.061 ms
64 bytes from 192.168.223.132: icmp_seq=3 ttl=64 time=0.057 ms
^C
— 192.168.223.132 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.029/0.049/0.061/0.014 ms
7、测试分别停一个端口的变化/ 两个端口都停掉的变化/在停掉一个真实物理网卡的变化
[root@localhost ~]# nmcli connection down team0-port1

[root@localhost ~]# ping –I team0 192.168.223.132
PING 192.168.223.132 (192.168.223.132) 56(84) bytes of data.
64 bytes from 192.168.223.132: icmp_seq=1 ttl=64 time=0.037 ms
64 bytes from 192.168.223.132: icmp_seq=2 ttl=64 time=0.065 ms
^C
— 192.168.223.132 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.037/0.051/0.065/0.014 ms
8、停用一个从设备真实网卡来检验效果
[root@localhost ~]# nmcli connection up team0-port1
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/27）
[root@localhost ~]# teamdctl team0 state
setup:
runner: activebackup
ports:
ens38
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
ens39
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: ens39
[ root@localhost ~]# nmcli device disconnect ens39
成功断开设备 ‘ens39’。
[root@localhost ~]# ping –I team0 192.168.223.132
PING 192.168.223.132 (192.168.223.132) 56(84) bytes of data.
64 bytes from 192.168.223.132: icmp_seq=1 ttl=64 time=0.027 ms
64 bytes from 192.168.223.132: icmp_seq=2 ttl=64 time=0.061 ms
64 bytes from 192.168.223.132: icmp_seq=3 ttl=64 time=0.034 ms
^C
— 192.168.223.132 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 2004ms
rtt min/avg/max/mdev = 0.027/0.040/0.061/0.016 ms
固定ip（手动配置team0）
[root@localhost ~]# nmcli connection up team0
成功激活（主服务器等待从服务器）连接（D-Bus 激活路径：/org/freedesktop/NetworkManager/ActiveConnection/37）
[root@localhost ~]# nmcli connection modify team0 ipv4.addresses 192.168.223.111/24
[root@localhost ~]# nmcli connection modify team0 ipv4.gateway 192.168.223.1
[root@localhost ~]# ping –I team0 192.168.223.111
PING 192.168.223.111 (192.168.223.111) 56(84) bytes of data.
64 bytes from 192.168.223.111: icmp_seq=1 ttl=64 time=0.031 ms
64 bytes from 192.168.223.111: icmp_seq=2 ttl=64 time=0.063 ms
64 bytes from 192.168.223.111: icmp_seq=3 ttl=64 time=0.065 ms
^C
— 192.168.223.111 ping statistics —
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.031/0.053/0.065/0.015 ms

第二种配置软件桥接

网桥是一个链路层设备，可基于MAC地址在网络之间转发流量。网桥识别哪些主机连接到每个网络，构建MAC地址表，然后根据该表做出包转发决策。可以在Linux环境中使用软件网桥以仿真硬件网桥。网桥就是网络桥接，用来连接不同的网段基于会话的网桥，它工作于数据链路层，不但能扩展网络的距离或范围，而且可提高网络的性能、可靠性和安全性。网桥将两个相似的网络连接起来，并对网络数据的流通进行管理。（主要用于连接不同的端口）
1.创建虚拟网桥
[root@localhost ~]# nmcli connection add type bridge con-name br1 ifname br1
连接“br1”(728f1326-5d31-4dae-a6ba-5213183af200) 已成功添加。
2.将网卡连接到虚拟网桥
[root@localhost ~]# nmcli connection add type bridge-slave con-name br1-port0 ifname ens40 master br1
连接“br1-port0”(7a6b37d1-2b52-4f10-9d50-156dbf8c2cb4) 已成功添加。
[root@localhost ~]# nmcli connection up br1-port0
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/15）

3.配置虚拟网桥IP信息
[root@localhost ~]# nmcli connection modify br1 ipv4.addresses 192.168.223.123/24
[root@localhost ~]# nmcli connection modify br1 ipv4.gateway 192.168.223.1
[root@localhost ~]# nmcli connection modify br1 ipv4.method manual
4.激活虚拟网桥
[root@localhost ~]# nmcli connection up br1
成功激活（主服务器等待从服务器）连接（D-Bus 激活路径：/org/freedesktop/NetworkManager/ActiveConnection/16）
5.查看虚拟网桥
[root@localhost ~]# ip a
1: lo: < LOOPBACK,UP,LOWER_UP&> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:fe:79:9b brd ff:ff:ff:ff:ff:ff
inet 192.168.223.129/24 brd 192.168.223.255 scope global dynamic ens33
valid_lft 1366sec preferred_lft 1366sec
inet6 fe80::20c:29ff:fefe:799b/64 scope link
valid_lft forever preferred_lft forever
3: virbr0:< NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic:< NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
5: ens38: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
6: ens39:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
7: team0: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
inet 192.168.223.134/24 brd 192.168.223.255 scope global dynamic team0
valid_lft 1537sec preferred_lft 1537sec
inet6 fe80::2dfa:fe6c:9e12:ac10/64 scope link
valid_lft forever preferred_lft forever
8: br1: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 86:18:c0:76:c9:d5 brd ff:ff:ff:ff:ff:ff
inet 192.168.223.136/24 brd 192.168.223.255 scope global dynamic br1
valid_lft 1697sec preferred_lft 1697sec
inet6 fe80::b99f:374e:efb3:3e6d/64 scope link
valid_lft forever preferred_lft forever
9: ens40:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UP qlen 1000
link/ether 00:0c:29:fe:79:b9 brd ff:ff:ff:ff:ff:ff
第三种配置team桥接
[root@localhost ~]# nmcli connection add type bridge con-name br1 ifname br1
连接“br1”(728f1326-5d31-4dae-a6ba-5213183af200) 已成功添加。
[root@localhost ~]# nmcli connection add type bridge-slave con-name br1-port0 ifname ens40 master br1
连接“br1-port0”(7a6b37d1-2b52-4f10-9d50-156dbf8c2cb4) 已成功添加。
[root@localhost ~]# nmcli connection up br1-port0
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/15）
[root@localhost ~]# nmcli connection up br1
成功激活（主服务器等待从服务器）连接（D-Bus 激活路径：/org/freedesktop/NetworkManager/ActiveConnection/16）
[root@localhost ~]# nmcli connection modify br1 ipv4.addresses 192.168.223.123/24
[root@localhost ~]# nmcli connection modify br1 ipv4.gateway 192.168.223.1
[root@localhost ~]# ip a
1: lo:< LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:fe:79:9b brd ff:ff:ff:ff:ff:ff
inet 192.168.223.129/24 brd 192.168.223.255 scope global dynamic ens33
valid_lft 1366sec preferred_lft 1366sec
inet6 fe80::20c:29ff:fefe:799b/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: < NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic:< NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
5: ens38:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
6: ens39:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
7: team0: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 36:d9:a2:a1:75:a7 brd ff:ff:ff:ff:ff:ff
inet 192.168.223.134/24 brd 192.168.223.255 scope global dynamic team0
valid_lft 1537sec preferred_lft 1537sec
inet6 fe80::2dfa:fe6c:9e12:ac10/64 scope link
valid_lft forever preferred_lft forever
8: br1: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 86:18:c0:76:c9:d5 brd ff:ff:ff:ff:ff:ff
inet 192.168.223.136/24 brd 192.168.223.255 scope global dynamic br1
valid_lft 1697sec preferred_lft 1697sec
inet6 fe80::b99f:374e:efb3:3e6d/64 scope link
valid_lft forever preferred_lft forever
9: ens40: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UP qlen 1000
link/ether 00:0c:29:fe:79:b9 brd ff:ff:ff:ff:ff:ff
[root@localhost ~]# nmcli device disconnect team0
成功断开设备 ‘team0’。
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-team0
添加 BRIDGE=brteam0
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-brteam0
DEVICE=brteam0
ONBOOT=yes
TYPE=Bridge
IPADDR0=192.168.223.10
PREFIXO=24
[root@localhost ~]# systemctl restart NetworkManager
[root@localhost ~]# nmcli device connect team0
成功用 ‘team0’ 激活了设备 ‘b078bff7-5df2-44ea-8cbd-7273ff9da311’。
[root@localhost ~]# ip a
1: lo: < LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:fe:79:9b brd ff:ff:ff:ff:ff:ff
inet 192.168.223.143/24 brd 192.168.223.255 scope global dynamic ens33
valid_lft 1609sec preferred_lft 1609sec
inet 192.168.223.129/24 brd 192.168.223.255 scope global secondary dynamic ens33
valid_lft 1608sec preferred_lft 1608sec
inet6 fe80::20c:29ff:fefe:799b/64 scope link
valid_lft forever preferred_lft forever
3: virbr0: < NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
4: virbr0-nic: < NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
link/ether 52:54:00:09:b5:36 brd ff:ff:ff:ff:ff:ff
5: ens38:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:4b:ea:3c:f0:79 brd ff:ff:ff:ff:ff:ff
6: ens39: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master team0 state UP qlen 1000
link/ether 36:4b:ea:3c:f0:79 brd ff:ff:ff:ff:ff:ff
8: br1: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 86:18:c0:76:c9:d5 brd ff:ff:ff:ff:ff:ff
inet6 fe80::8418:c0ff:fe76:c9d5/64 scope link
valid_lft forever preferred_lft forever
9: ens40:< BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br1 state UP qlen 1000
link/ether 00:0c:29:fe:79:b9 brd ff:ff:ff:ff:ff:ff
13: team0: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master brteam0 state UP qlen 1000
link/ether 36:4b:ea:3c:f0:79 brd ff:ff:ff:ff:ff:ff
inet6 fe80::344b:eaff:fe3c:f079/64 scope link
valid_lft forever preferred_lft forever
14: brteam0: < BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
link/ether 36:4b:ea:3c:f0:79 brd ff:ff:ff:ff:ff:ff
inet 192.168.223.10/24 brd 192.168.223.255 scope global brteam0
valid_lft forever preferred_lft forever
inet6 fe80::344b:eaff:fe3c:f079/64 scope link
valid_lft forever preferred_lft forever