Linux ❀ RHCE自研教学笔记 - Redhat 8.2 Nmcli服务教研笔记
Posted 国家级干饭型选手°
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Linux ❀ RHCE自研教学笔记 - Redhat 8.2 Nmcli服务教研笔记相关的知识,希望对你有一定的参考价值。
文章目录
Nmcli - NetworkManager 网络管理:Red Hat Enterprise Linux 7与CentOS 7中默认的网络服务由NetworkManager提供,这是动态控制及配置网络的守护进程,它用于保持当前网络设备及连接处于工作状态,同时也支持传统的ifcfg类型的配置文件。
NetworkManager可以用于以下类型的连接:Ethernet,VLANS,Bridges,Bonds,Teams,WiFi,mobile boradband(如移动3G)以及IP-over-InfiniBand;针对与这些网络类型NetworkManager可以配置他们的网络别名,IP地址,静态路由,DNS,VPN连接以及很多其它的特殊参数,可以用命令行工具nmcli来控制NetworkManager;
1、安装服务
在Centos7或者RHEL7的版本中,已经默认安装完成;
[root@localhost ~]# yum install -y NetworkManager
确认服务包
[root@localhost ~]# rpm -qa NetworkManager
NetworkManager-1.22.8-4.el8.x86_64
[root@localhost ~]# rpm -qc NetworkManager
/etc/NetworkManager/NetworkManager.conf
查看服务状态信息
[root@localhost ~]# systemctl status NetworkManager
2、General 常规选项
[root@localhost ~]# nmcli general status /显示网络管理器的整体状态;
STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN
connected full enabled enabled enabled enabled
[root@localhost ~]# nmcli general hostname
localhost.localdomain
[root@localhost ~]# nmcli general hostname redhat8 /修改主机名称;
[root@localhost ~]# hostnamectl set-hostname redhat8
[root@localhost ~]# cat /etc/hostname
localhost.localdomain
[root@localhost ~]# bash /重读bash文件;
[root@localhost ~]# nmcli general permissions /显示当前用户对网络管理器的操作权限;
PERMISSION VALUE
org.freedesktop.NetworkManager.enable-disable-network yes
org.freedesktop.NetworkManager.enable-disable-wifi yes
org.freedesktop.NetworkManager.enable-disable-wwan yes
org.freedesktop.NetworkManager.enable-disable-wimax yes
org.freedesktop.NetworkManager.sleep-wake yes
org.freedesktop.NetworkManager.network-control yes
org.freedesktop.NetworkManager.wifi.share.protected yes
org.freedesktop.NetworkManager.wifi.share.open yes
org.freedesktop.NetworkManager.settings.modify.system yes
org.freedesktop.NetworkManager.settings.modify.own yes
org.freedesktop.NetworkManager.settings.modify.hostname yes
org.freedesktop.NetworkManager.settings.modify.global-dns yes
org.freedesktop.NetworkManager.reload yes
org.freedesktop.NetworkManager.checkpoint-rollback yes
org.freedesktop.NetworkManager.enable-disable-statistics yes
org.freedesktop.NetworkManager.enable-disable-connectivity-check yes
org.freedesktop.NetworkManager.wifi.scan unknown
[root@localhost ~]# nmcli general logging /获取和更改网络管理器日志记录级别和域;
LEVEL DOMAINS
INFO PLATFORM,RFKILL,ETHER,WIFI,BT,MB,DHCP4,DHCP6,PPP,IP4,IP6,AUTOIP4,DNS,VPN,SHARING,SUPPLICANT,AGENTS,SETTINGS,SUSPEND,CORE,DEVICE,OLPC,INFINIBAND,FIREWALL,ADSL,BOND,VLAN,BRIDGE,TEAM,CONCHECK,DCB,DISPATCH,AUDIT,SYSTEMD,PROXY
3、Networking 网络控制
[root@localhost ~]# nmcli networking on /禁用所有接口;
[root@localhost ~]# nmcli networking off /开启所有接口;
[root@localhost ~]# nmcli networking connectivity /获取网络状态;
- none:主机未连接到任何网络;
- portal:无法到达完整的互联网;
- limited:已经连接网络,无法访问互联网;
- full:连接到网络,完全访问互联网;
- unknown:无法找到连接状态;
4、Radio 无线限制传输控制
[root@localhost ~]# nmcli radio all /显示无线开关;
WIFI-HW WIFI WWAN-HW WWAN
enabled enabled enabled enabled
[root@localhost ~]# nmcli radio wifi
enabled
[root@localhost ~]# nmcli radio wwan
enabled
5、Connection 连接管理
show 查看
[root@localhost ~]# nmcli connection show /查看活动连接;
NAME UUID TYPE DEVICE
ens160 a14a76ce-78cd-4325-ba73-79f2d972e6f0 ethernet ens160
Wired connection 1 1fc67d3c-33d5-308e-9f10-c3513fe99db5 ethernet ens192
Wired connection 2 e8cf476a-d2ab-35d9-90c9-15c2736346d0 ethernet ens224
virbr0 50239cee-15a9-4d49-9a89-5c38d2d93be5 bridge virbr0
[root@localhost ~]# nmcli connection show --active /以活动连接进行排序;
[root@localhost ~]# nmcli connection show --order +active /等同于直接show;
[root@localhost ~]# nmcli connection show --order +name /以名称排序;
[root@localhost ~]# nmcli connection show --order -type /以类型排序;
[root@localhost ~]# nmcli connection show ens160 /查看指定连接的详细信息,内容过多省略;
up 激活
[root@localhost ~]# nmcli connection up ens160 /以连接名称激活;
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[root@localhost ~]# nmcli connection up ifname ens160 /以设备接口名称激活;
[root@localhost ~]# nmcli connection up a14a76ce-78cd-4325-ba73-79f2d972e6f0 /以UUID激活;
down 停用
[root@localhost ~]# nmcli connection down ens160 /以连接名称停用;
[root@localhost ~]# nmcli connection down ifname ens160 /以设备接口名称停用;
[root@localhost ~]# nmcli connection down a14a76ce-78cd-4325-ba73-79f2d972e6f0 /以UUID停用;
[root@localhost ~]# nmcli connection down ens160 && nmcli connection up ens160 /重启网卡;
modify 属性
给某个网卡添加多个IPv4地址并启用生效;
[root@localhost ~]# nmcli connection modify Wired\\ connection\\ 1 +ipv4.addresses 100.1.1.1/24
[root@localhost ~]# nmcli connection modify Wired\\ connection\\ 1 +ipv4.addresses 200.1.1.1/24
增加IP地址为+IPv4.[参数],删除IP地址为-IPv4.[参数];
[root@localhost ~]# nmcli -f IP4 connection show Wired\\ connection\\ 1
IP4.ADDRESS[1]: 192.168.39.128/24
IP4.GATEWAY: 192.168.39.2
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.39.2, mt = 101
IP4.ROUTE[2]: dst = 192.168.39.0/24, nh = 0.0.0.0, mt = 101
IP4.DNS[1]: 192.168.39.2
IP4.DOMAIN[1]: localdomain
[root@localhost ~]# nmcli connection up Wired\\ connection\\ 1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/8)
[root@localhost ~]# nmcli -f IP4 connection show Wired\\ connection\\ 1
IP4.ADDRESS[1]: 100.1.1.1/24
IP4.ADDRESS[2]: 200.1.1.1/24
IP4.ADDRESS[3]: 192.168.39.128/24
IP4.GATEWAY: 192.168.39.2
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.39.2, mt = 104
IP4.ROUTE[2]: dst = 100.1.1.0/24, nh = 0.0.0.0, mt = 104
IP4.ROUTE[3]: dst = 200.1.1.0/24, nh = 0.0.0.0, mt = 104
IP4.ROUTE[4]: dst = 192.168.39.0/24, nh = 0.0.0.0, mt = 104
IP4.DNS[1]: 192.168.39.2
IP4.DOMAIN[1]: localdomain
给某个网卡具体添加某个IP地址、子网掩码、网关、DNS,并让其生效;
[root@localhost ~]# nmcli connection modify Wired\\ connection\\ 2 +ipv4.
+ipv4.addresses +ipv4.dhcp-timeout +ipv4.may-fail
+ipv4.dad-timeout +ipv4.dns +ipv4.method
+ipv4.dhcp-client-id +ipv4.dns-options +ipv4.never-default
+ipv4.dhcp-fqdn +ipv4.dns-priority +ipv4.route-metric
+ipv4.dhcp-hostname +ipv4.dns-search +ipv4.routes
+ipv4.dhcp-hostname-flags +ipv4.gateway +ipv4.route-table
+ipv4.dhcp-iaid +ipv4.ignore-auto-dns +ipv4.routing-rules
+ipv4.dhcp-send-hostname +ipv4.ignore-auto-routes
[root@localhost ~]# nmcli connection modify Wired\\ connection\\ 2 +ipv4.addresses 111.11.11.11/24 ipv4.gateway 111.111.111.111 ipv4.dns 114.114.114.114 ipv4.method manual
[root@localhost ~]# nmcli connection up Wired\\ connection\\ 2
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9)
[root@localhost ~]# nmcli -f IP4 connection show Wired\\ connection\\ 2
IP4.ADDRESS[1]: 111.11.11.11/24
IP4.GATEWAY: 111.111.111.111
IP4.ROUTE[1]: dst = 111.11.11.0/24, nh = 0.0.0.0, mt = 105
IP4.ROUTE[2]: dst = 111.111.111.111/32, nh = 0.0.0.0, mt = 105
IP4.ROUTE[3]: dst = 0.0.0.0/0, nh = 111.111.111.111, mt = 105
IP4.DNS[1]: 114.114.114.114
add 创建一个新的链接
[root@localhost ~]# nmcli connection add con-name eth1 type ethernet autoconnect yes ifname ens224
Connection 'eth1' (f94d59bb-318e-45bb-b690-ada974f7794b) successfully added.
配置参数解析:
- con-name:链接名称;
- type:类型;
- autoconnect:是否自动连接;
- ifname:连接到的设备名称;
[root@localhost ~]# nmcli connection up eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/10)
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
eth1 f94d59bb-318e-45bb-b690-ada974f7794b ethernet ens224
Wired connection 2 e8cf476a-d2ab-35d9-90c9-15c2736346d0 ethernet --
close 克隆一个已经存在的链接,链接名称与UUID是新的,其他内容一致
[root@localhost ~]# nmcli connection clone eth1 eth1_1
eth1 (f94d59bb-318e-45bb-b690-ada974f7794b) cloned as eth1_1 (ec2092d1-ad6f-4e96-affc-2cfeeaeead45).
[root@localhost ~]# nmcli connection up eth1_1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
eth1_1 ec2092d1-ad6f-4e96-affc-2cfeeaeead45 ethernet ens224
eth1 f94d59bb-318e-45bb-b690-ada974f7794b ethernet --
Wired connection 2 e8cf476a-d2ab-35d9-90c9-15c2736346d0 ethernet --
delete 删除某个链接
[root@localhost ~]# nmcli connection delete eth1_1
Connection 'eth1_1' (ec2092d1-ad6f-4e96-affc-2cfeeaeead45) successfully deleted.
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
eth1 f94d59bb-318e-45bb-b690-ada974f7794b ethernet ens224
Wired connection 2 e8cf476a-d2ab-35d9-90c9-15c2736346d0 ethernet --
load 从磁盘加载/重新加载某个链接或者文件;
[root@localhost ~]# nmcli connection load /加载所有网卡配置文件;
[root@localhost ~]# nmcli connection load /etc/sysconfig/network-scripts/ifcfg-eth1 /加载某个文件;
6、Device 设备管理
status 设备装备
[root@localhost ~]# nmcli device status /查看设备状态;
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected ens160
ens192 ethernet connected Wired connection 1
ens224 ethernet connected eth1
virbr0 bridge connected virbr0
lo loopback unmanaged --
virbr0-nic tun unmanaged --
show 查看详细信息
[root@localhost ~]# nmcli device show /返回内容比较多此处省略,可接某个网卡名称,表示查看特定网卡详细信息;
set 设置设备属性
[root@localhost ~]# nmcli device set ifname ens192 autoconnect yes /设置某个设备是否自动连接;
connect 连接设备
[root@localhost ~]# nmcli device connect ens192 /连接设备;
Device 'ens192' successfully activated with '1fc67d3c-33d5-308e-9f10-c3513fe99db5'.
reapply 更新设备
[root@localhost ~]# nmcli device reapply ens192 /更新设备应用配置;
Connection successfully reapplied to device 'ens192'.
modify 临时修改设备上处于活动的设备,不会写入文件
[root@localhost ~]# nmcli device modify ens192 +ipv4.addresses 222.22.22.22/24
Connection successfully reapplied to device 'ens192'.
[root@localhost ~]# nmcli device show ens192 | grep 222.22.22.22
IP4.ADDRESS[3]: 222.22.22.22/24
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
Wired connection 1 1fc67d3c-33d5-308e-9f10-c3513fe99db5 ethernet ens192
[root@localhost ~]# cat /etc/sysconfig/network-scripts/ifcfg-Wired_connection_1
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME="Wired connection 1"
UUID=1fc67d3c-33d5-308e-9f10-c3513fe99db5
DEVICE=ens192
ONBOOT=yes
AUTOCONNECT_PRIORITY=-999
IPADDR=100.1.1.1
PREFIX=24
IPADDR1=200.1.1.1
PREFIX1=24
disconnect 断开连接设备
[root@localhost ~]# nmcli device disconnect ens192
Device 'ens192' successfully disconnected.
[root@localhost ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens160 ethernet connected ens160
ens224 ethernet connected eth1
virbr0 bridge connected virbr0
ens192 ethernet disconnected --
lo loopback unmanaged --
virbr0-nic tun unmanaged --
delete 删除设备
只能删除bonds、bridges、teams等软件设备,硬件设备无法删除
[root@localhost ~]# nmcli device delete team1
7、服务应用
(1)配置team链路聚合
[root@localhost ~]# ll /usr/share/doc/teamd/example_configs/
total 64
-rw-r--r--. 1 root root 305 Dec 9 2018 activebackup_arp_ping_1.conf
-rw-r--r--. 1 root root 465 Dec 9 2018 activebackup_arp_ping_2.conf
-rw-r--r--. 1 root root 194 Dec 9 2018 activebackup_ethtool_1.conf
-rw-r--r--. 1 root root 212 Dec 9 2018 activebackup_ethtool_2.conf
-rw-r--r--. 1 root root 241 Dec 9 2018 activebackup_ethtool_3.conf
-rw-r--r--. 1 root root 447 Dec 9 2018 activebackup_multi_lw_1.conf
-rw-r--r--. 1 root root 285 Dec 9 2018 activebackup_nsna_ping_1.conf
-rw-r--r--. 1 root root 318 Dec 9 2018 activebackup_tipc.conf
-rw-r--r--. 1 root root 96 Dec 9 2018 broadcast.conf
-rw-r--r--. 1 root root 209 Dec 9 2018 lacp_1.conf
-rw-r--r--. 1 root root 98 Dec 9 2018 loadbalance_1.conf
-rw-r--r--. 1 root root 140 Dec 9 2018 loadbalance_2.conf
-rw-r--r--. 1 root root 183 Dec 9 2018 loadbalance_3.conf
-rw-r--r--. 1 root root 93 Dec 9 2018 random.conf
-rw-r--r--. 1 root root 244 Dec 9 2018 roundrobin_2.conf
-rw-r--r--. 1 root root 97 Dec 9 2018 roundrobin.conf
[root@localhost ~]# cat /usr/share/doc/teamd/example_configs/broadcast.conf
{
"device": "team0",
"runner": {"name": "broadcast"},
"ports": {"eth1": {}, "eth2": {}}
}
传输模式选择:
- broadcast:广播模式传输来自所有端口的包;
- roundrobin:轮询模式传输来自所有端口的包;
- activebackup:主备模式是一个故障迁移程序,监控链接更改并选择活动的端口进行传输;
- loadbalance:监控流量并使用Hash函数以尝试在选择传输端口时达到均衡;
配置team0:
[root@localhost ~]# cat /usr/share/doc/teamd/example_configs/activebackup_arp_ping_1.conf | grep runner /获取team的模式配置内容,当然也支持手动输入;
"runner": {"name": "activebackup"},
[root@localhost ~]# nmcli connection add con-name team0 type team ifname team0 config '{"runner":{"name":"activebackup"}}' /需要配置聚合接口调用模式;
[root@localhost ~]# nmcli connection add con-name team0 type team ifname team0 mode active-backup /模式直接配置方式;
Connection 'team0' (aad1d76d-43ee-4ebe-8a0e-a5e8f931b48e) successfully added.
[root@localhost ~]# nmcli connection show | grep team
team0 aad1d76d-43ee-4ebe-8a0e-a5e8f931b48e team --
配置team0的网卡信息:
[root@localhost ~]# nmcli connection modify team0 ipv4.addresses 100.1.1.1/24 ipv4.gateway 100.1.1.254 ipv4.dns 114.114.114.114 ipv4.method manual
配置salve接口:
[root@localhost ~]# nmcli connection add con-name team0-slave1 type team-slave ifname ens192 master team0
Connection 'team0-slave1' (ffd034eb-83db-48da-b8e3-2a00d5f72c0e) successfully added.
[root@localhost ~]# nmcli connection add con-name team0-slave2 type team-slave ifname ens224 master team0
Connection 'team0-slave2' (bed545c5-fb36-4355-aac2-9ce1715d29cc) successfully added.
激活接口:
[root@localhost ~]# nmcli connection up team0-slave1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/37)
[root@localhost ~]# nmcli connection up team0-slave2
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/38)
[root@localhost ~]# nmcli connection up team0
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/39)
查看team状态:
[root@localhost ~]# teamdctl team0 state
setup:
runner: activebackup
ports:
ens192
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
ens224
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: ens192
[root@localhost ~]# ip addr show team0
9: team0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:c3:cf:b8 brd ff:ff:ff:ff:ff:ff
inet 100.1.1.1/24 brd 100.1.1.255 scope global noprefixroute team0
valid_lft forever preferred_lft forever
inet6 fe80::b9e6:4c9e:6ff3:3ddf/64 scope link noprefixroute
valid_lft forever preferred_lft forever
(2)配置br桥接网卡
[root@localhost ~]# nmcli connection add con-name br1 type bridge ifname br1
Connection 'br1' (cc113509-769d-469f-a00c-c06bdf5e1612) successfully added.
[root@localhost ~]# nmcli connection up br1
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/43)
[root@localhost ~]# nmcli connection show
NAME UUID TYPE DEVICE
br1 cc113509-769d-469f-a00c-c06bdf5e1612 bridge br1
(3)配置bond链路聚合(大致与team相同)
[root@localhost ~]# nmcli connection add type bond con-name bond0 ifname bond0 mode active-backup
Connection 'bond0' (d495885c-a0be-4c76-8295-009b5897a02b) successfully added.
[root@localhost ~]# nmcli connection add type bond-slave con-name bond0-slave1 ifname ens161 master bond0
Connection 'bond0-slave1' (f85df345-6fbe-40b3-8ce3-e4c8dbad850f) successfully added.
[root@localhost ~]# nmcli connection add type bond-slave con-name bond0-slave2 ifname ens256 master bond0
Connection 'bond0-slave2' (7542e133-c650-4b65-b80a-92c39281c8a2) successfully added.
[root@localhost ~]# nmcli connection up bond0-slave1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/45)
[root@localhost ~]# nmcli connection up bond0-slave2
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/46)
[root@localhost ~]# nmcli connection up bond0
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/47)
[root@localhost ~]# ip addr show bond0
11: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:0c:29:c3:cf:d6 brd ff:ff:ff:ff:ff:ff
inet 192.168.39.131/24 brd 192.168.39.255 scope global dynamic noprefixroute bond0
valid_lft 1663sec preferred_lft 1663sec
inet6 fe80::9eac:3abc:8ec8:4e98/64 scope link noprefixroute
valid_lft forever preferred_lft forever
以上是关于Linux ❀ RHCE自研教学笔记 - Redhat 8.2 Nmcli服务教研笔记的主要内容,如果未能解决你的问题,请参考以下文章
Linux ❀ RHCE自研教学笔记 - Redhat 8.2 SFTP服务教研笔记
Linux ❀ RHCE自研教学笔记 - Redhat 8.2 SFTP服务教研笔记
Linux ❀ RHCE自研教学笔记 - Redhat 8.2 Nmcli服务教研笔记
Linux ❀ RHCE自研教学笔记 - Redhat 8.2 Nmcli服务教研笔记