下面只涉及OpenStack环境的配置以及使用。在计算节点启动PCI Passthrough见:
https://blog.csdn.net/avatar_2009/article/details/107810347
查看PCI设备(compute node)
# lspci -nn |grep Ether
03:00.0 Ethernet controller [0200]: Intel Corporation I350 Gigabit Network Connection [8086:1521] (rev 01)
03:00.1 Ethernet controller [0200]: Intel Corporation I350 Gigabit Network Connection [8086:1521] (rev 01)
03:00.2 Ethernet controller [0200]: Intel Corporation I350 Gigabit Network Connection [8086:1521] (rev 01)
03:00.3 Ethernet controller [0200]: Intel Corporation I350 Gigabit Network Connection [8086:1521] (rev 01)
将03:00:2改成03_00_2,然后获取product id、vendor id,其实上面已经有了(compute node)
# virsh nodedev-dumpxml $(virsh nodedev-list | grep pci | grep 03_00_2)
……
<driver>
<name>vfio-pci</name>
</driver>
<product id='0x1521'>I350 Gigabit Network Connection</product>
<vendor id='0x8086'>Intel Corporation</vendor>
该接口在host上的默认驱动是igb,绑给虚拟机后变成vfio-pci。
配置nova-compute(compute node),编辑文件 /etc/nova/nova.conf:
[pci]
passthrough_whitelist = {"vendor_id":"8086", "product_id":"1521","address":"0000:03:00.2","physical_network":"provider"}
注意:这里只配置了一个网卡0000:03:00.2,如果要配置多个网卡,则去掉"address":"0000:03:00.2"。所有vendor_id与product_id 匹配的PCI设备会被添加到可以直通分配给虚拟机的PCI设备池。
这儿的physical_network在创建 tenant network是要用到,就是--provider-physical-network 选项指定的值,创建VM时要指定此tenant network,每个passthrough的网卡要对应一个physical_network。neutron中physical_network是写到配置文件ml2_conf.ini中的,例如flat_networks = provider和vni_ranges = 3001:4000(见https://blog.csdn.net/avatar_2009/article/details/108153605)。
重启nova-compute
systemctl restart openstack-nova-compute
配置nova-scheduler (controller节点),编辑文件 /etc/nova/nova.conf:
[filter_scheduler]
available_filters=nova.scheduler.filters.all_filters
enabled_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,PciPassthroughFilter
配置nova-api (controller节点),编辑文件 /etc/nova/nova.conf:
[pci]
alias = {"name": "I350NIC","product_id": "1521","vendor_id": "8086","device_type": "type-PF","numa_policy": "legacy"}
“name”: PCI设备的别名,随便启
“product_id”: 设备的十六进制Product ID
“vendor_id”: 设备的十六进制Vendor ID
“device_type”: PCI设备的类型,有效的值为: “type-PCI”, “type-PF” and “type-VF”。这里应该配置type-PCI才对,但是openstack调度计算节点的时候查找不到有效资源,必须配置成type-PF才行。(清楚原因的朋友,请给我留言,多谢!)
重启nova-scheduler、nova-api服务
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service
创建flavor,通过dashboard创建之后,配置其元数据
pci_passthrough:alias=I350NIC:1
或者使用openstack flavor create命令中加入--property "pci_passthrough:alias"="I350NIC:1"。
就是nova-api中alias配置的,1表示passthrough一个网卡(如果设置了多个网卡,这里可以限制使用量)
使用带pci-passthrough的flavor创建实例,然后验证
# ps -ef |grep vfio-pci
-device vfio-pci,host=03:00.2
# virsh dumpxml instance-00000084
<hostdev mode='subsystem' type='pci' managed='yes'>
<driver name='vfio'/>
<source>
<address domain='0x0000' bus='0x03' slot='0x00' function='0x2'/>
</source>
<alias name='hostdev0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</hostdev>
登录到虚拟机内部查看,会有两块网卡,一块是openstack网络分配的(不论是内部虚拟网络还是外部网络),另一块是透传的。透传IP需要自己配置,下面的10.184是实验室物理网dhcp分配的。
$ ip add show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP qlen 1000
link/ether fa:16:3e:6c:7a:8d brd ff:ff:ff:ff:ff:ff
inet 172.16.2.6/24 brd 172.16.2.255 scope global dynamic eth0
3: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 0c:c4:7a:80:52:0a brd ff:ff:ff:ff:ff:ff
inet 192.168.10.184/23 brd 192.168.11.255 scope global dynamic ens5
需要注意的一点
如果是provider networks 两块网卡的IP地址都是外部物理网络。如果是Self-service networks,就会因为默认网络导致透传的网卡IP不能访问,如:
$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.2.1 0.0.0.0 UG 100 0 0 eth0
0.0.0.0 192.168.10.1 0.0.0.0 UG 101 0 0 ens5
169.254.169.254 172.16.2.1 255.255.255.255 UGH 100 0 0 eth0
172.16.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
192.168.10.0 0.0.0.0 255.255.254.0 U 100 0 0 ens5
192.168.106.167 192.168.10.1 255.255.255.255 UGH 100 0 0 ens5
因eth0默认网关优先级高于ens5,那么非192.168.10.1/23网段的源地址访问会走eth0返回,而此路不通。
扫一扫
241
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
