evsadm
evsadm set-prop -p <prop>=[<val>[,...]] evsadm show-prop [[-c] -o <field>[,...]] [-p <prop>[,...]]
evsadm set-controlprop [-h host] -p <prop>=[<val>[,...]] evsadm show-controlprop [[-c] -o <field>[,...]] [-p <prop>[,...]]
evsadm create-evs [-T <tenantname>] [-p {<prop>=<val>[,...]}[,..]]
<evsname>
evsadm delete-evs [-T <tenantname>] <evsname>
evsadm show-evs [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
[<evsname>]
evsadm add-ipnet [-T <tenantname>]
-p subnet=<val>[{,<prop>=<val>[,...]}[,...]] <evsname>/<ipnetname>
evsadm remove-ipnet [-T <tenantname>] <evsname>/<ipnetname>
evsadm show-ipnet [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
[[<evsname>/][ipnetname]]
evsadm add-vport [-T <tenantname>] [-p {<prop>=val[,...]}[,...]]
<evsname>/<vportname>
evsadm remove-vport [-T <tenantname>] <evsname>/<vportname>
evsadm reset-vport [-T <tenantname>] <evsname>/<vportname>
evsadm show-vport [-f {<fname>=<val>[,...]}[,...]] [[-c] -o <field>[,...]]
[[<evsname>/][<vportname>]]
evsadm set-evsprop [-T <tenantname>] -p <prop>=<val> <evsname>
evsadm show-evsprop [-f {<fname>=<val>[,...]}[,...]]
[[-c] -o <field>[,...]] [-p <prop>[,...]] [evsname]
evsadm set-vportprop [-T <tenantname>] -p <prop>=<val>
<evsname>/<vportname>
evsadm show-vportprop [-f {<fname>=<val>[,...]}[,...]]
[[-c] -o <field>[,...]] [-p <prop>[,...]] [[evsname/][vportname]]
evsadm help [subcommand-name]
The evsadm command provides a set of subcommands to:
manage EVS
manage IP Network associated with EVS
manage virtual ports associated with EVS
An Elastic Virtual Switch (EVS) is a virtual switch that spans one or more servers (physical machines). It represents an isolated L2 segment, and the isolation is implemented either through VLANs or VXLANs. An EVS provides network connectivity between the Virtual Machines connected to it. There are two main resources associated with an EVS: IPnet and VPort.
An IP network represents a block of either IPv4 or IPv6 addresses (that is, subnet) along with a default router for the block. Only one IPnet can be associated with an EVS. All the zones/VNICs that connect to the EVS, through a VPort, will get an IP address from the IPnet associated with the EVS.
A VPort represents the point of attachment between the VNIC and an EVS. It encapsulates various network configuration parameters such as, SLAs (maxbw, cos, and priority), IP address, and MAC address. This configuration is inherited by the VNIC when it connects to the VPort.
Provides functionality for the configuration and administration of an EVS and all the resources associated with it. One controller should be used to manage all the EVSes in the network. The controller has properties associated with it that captures information that is necessary for implementing L2 segments across physical machines, and these properties can be administered through the set-controlprop subcommand. EVS Controller is implemented as a RAD module and exports RAD interfaces that are used by EVS clients.
This is the entity that communicates with the EVS Controller to define L2 network topologies and the IP addresses used on those networks. So, evsadm(1m) is an EVS Manager.
Through evsadm, using EVS, IPnet, and VPorts, one can define L2 network topologies and the IP addresses used on those networks. Then, use dladm(1M) to connect the VNICs to these topologies or zonecfg(1M) to connect the VNIC anets (therefore, zones) to these topologies. dladm(1m) and zonecfg(1m) form the clients of EVS controller, and they pull the information from the controller to retrieve VPort properties. (evsadm(1m) was used to push the configuration into the controller to begin with). Note that both native and kernel zones are supported.
Any host that wants its VNICs or its Zone's VNIC anet resource to be part of an EVS. Existing tools, dladm(1M), and zonecfg(1M) have been modified to specify that the VNICs need to be part of an EVS.
Tenants are used for namespace management. EVS and its resources defined within a tenant are not visible outside that tenant's namespace. It acts as a container to hold all the tenant's resources together.
Each evsadm subcommand operates on one of the above mentioned objects. The mapping is as shown below.
|
An EVS, IPnet, and a VPort is identified by a name. The name cannot exceed more than 127 characters, and should be a combination of alphanumeric characters, along with '.' and '_'.
In addition, these names may also contain special delimiter characters '-'. These names indicate that the resources were created outside of evsadm. It contains a prefix (identifying the creator) followed by a '-' and a traditional resource name. For example sys-vport0, where, `sys' here means that the resource was created by system. This ensures that resources created using evsadm will never have naming conflicts. Accordingly, evsadm cannot be used to create resources that contain a '-'.
The evsadm command can run on any machine that can communicate with the machine running the EVS controller. It works along with a EVS controller to execute all the evsadm subcommands. Before using evsadm, one has to specify a hostname or the IP address of the EVS Controller. This can be done by setting the 'controller' property through 'set-prop' subcommand.
# evsadm set-prop -p controller=ssh://[username@]evs-controller.example.com # evsadm show-prop NAME VALUE DEFAULT controller ssh://[username@]evs-controller.example.com --
Where, the optional 'username' is an user assigned with Elastic Virtual Switch Administration RBAC profile (See prof_attr(4)). To simplify configuration, a user called 'evsuser' who has all the authroizations and privileges to perform EVS operations will be created when you install the mandatory EVS IPS package (service/network/evs). If you want to use the shipped 'evsuser', then you would set the controller property to:
# evsadm set-prop -p controller=ssh://evsuser@evs-controller.example.com
As you can see SSH is used to communicate with EVS controller. To make the communication non-interactive, you must setup SSH authentication with pre-shared public keys between the hosts (that is, the host wheree vsadm will be executed, and the EVS controller).
Each subcommand of evsadm has options associated with it, and these options are described in the context of each subcommand below. Many of the subcommands have the following as a common option:
Specifies the name of the tenant in whose namespace the subcommand operation should apply. If not specified, then operation is assumed to be in the default tenant sys-global.
The user must have solaris.network.evs.admin authorization to execute the following subcommands:
create-evs delete-evs show-evs set-evsprop show-evsprop add-ipnet remove-ipnet show-ipnet add-vport remove-vport show-vport set-vportprop show-vportprop reset-vport
The user must have solaris.network.evs.client authorization to execute the set-prop subcommand, solaris.network.evs.controller authorization to execute the set-controlprop subcommand.
An user with RBAC profile "Elastic Virtual Switch Administration" can execute all of the above subcommands.
The following subcommands are supported:
Sets the values of a property for the host where the command is executed. The only supported property is 'controller'. Currently, this property only supports rad(1m) SSH URI scheme. See EXAMPLES, below, for more information.
Name of the property to be set to the specified values. Only one property can be set at a time. Note that if <val> is not provided, the property will be reset to it's default value.
Show the current values of one or more properties for the current host. The only supported property is 'controller', and it specifies the EVS controller to connect to.
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the property
Permission of the property. It is either rw or r-.
Value of the property
Default value of the property
Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.
Modifies the EVS controller's property to the value specified by the user. For the list of Controller properties and their possible values see the, Controller Properties section below. These properties can be retrieved using show-controlprop subcommand.
The property being set is applicable only to the specified host
Name of the controller property to be set to the specified values on the EVS controller. If the property takes multiple values, then the values should be specified with a comma as the delimiter. Only one property can be specified at a time. Note that if <val> is not provided, the property will be reset to it's default value.
Show the current values of one or more properties for the controller. If no properties are specified, then all available Controller properties are displayed. For list of Controller properties see the, Controller Properties section below.
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of controller property
Permission of controller property
Value of controller property
Default value of controller property
If the value is '--', then the property applies to all the hosts, or is of global scope. Otherwise, it specifies that the property is applicable to that particular host.
Display using a stable machine-parseable format. The –o option is required with –c. See the, Parseable Output Format section below.
Create an EVS with name evsname. If a tenant name is specified, then the EVS is created within the namespace of that tenant otherwise it will be created in the default tenant sys-global.
See the CONCEPTS section above for more information on –T option.
A comma-separated list of EVS properties to set to the specified values on the EVS being created. Please see, EVS Properties section below for more information on the supported properties.
Deletes the specified EVS. This operation fails if any one of the VPort is in use. A VPort is in use if it has a VNIC connected to it. If none of the VPorts are in use, then this operation will delete all the VPorts and IPnets associated with the EVS. The STATUS field in show-evs output displays whether an EVS is busy or idle.
See the CONCEPTS section above for more information on –T option.
Show EVS information either for all the EVSes managed by the EVS controller or for the specified EVS.
A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:
Filters the EVS by tenant name
Filters the EVS by EVS name
Filters the EVS by host name
Filters the EVS by ipnet name
Filters the EVS by vport name
An EVS represents an isolated L2 segment. To implement or realize this, either VLAN or VXLAN will be used. This option provides that information through following fields.
Name of the EVS
Name of the tenant that owns the EVS
VLAN ID used to implement the EVS
VXLAN segment ID used to implement the EVS
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the EVS
Name of the tenant that owns the EVS
Whether EVS is idle or busy. EVS is busy if it has atleast one VPort that has VNIC connected to it.
Number of virtual ports associated with the EVS.
The list of IP networks associated with the EVS. Currently only one IP network can be associated with an EVS.
The list of hosts that the EVS spans across.
Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.
Add an ipnet with name ipnetname for the given EVS evsname. If tenant name is specified, then the ipnet will be associated with the EVS evsname in tenant tenantname namespace.
See the CONCEPTS section above for more information on –T option.
A comma-separated list of IPnet properties to set to the specified values on the EVS being created. Please see IPnet Properties section below for more information on the supported properties. Note that 'subnet' is a required property and operation fails if it's not specified.
Removes the specified ipnet ipnetname from an EVS evsname. This operation fails if any one of the VPorts is in use. A VPort is in use if it has a VNIC connected to it.
See the CONCEPTS section above for more information on –T option.
Show IPnet information either for all the IPnets managed by the EVS controller or for the specified IPnet.
A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:
Filters the ipnet by tenant name
Filters the ipnet by EVS name
Filters the ipnet by ipnet name
Filters the ipnet by host name
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the ipnet along with name of the EVS with which it is associated. It's of the form evsname/ipnetname.
Name of the ipnet
Name of the EVS
The name of the tenant that owns the EVS.
Represents the subnet (either IPv4 or IPv6) for this IPnet.
Start address of the IP address range.
End address of the IP address range.
The IP address of the default router for the given ipnet.
A comma-separated list of available IP addresses that can be assigned to VPort.
Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.
Add a VPort with name vportname for the given EVS evsname. If tenant name is specified, then the VPort will be associated with the EVS evsname in tenant tenantname namespace.
When a VPort is created, it will be assigned a random MAC address and an IP address from the ipnet address range. Therefore, it's absolutely necessary to associate an IPnet with an EVS before adding VPorts to it.
Note that it is not necessary to add a VPort to an EVS. When a VNIC is being created, it's just sufficient to give the EVS name to connect the VNIC to. In such cases, the controller will generate a system VPort (identified by the prefix 'sys-' in VPort name), and it inherits the EVS properties.
The advantage of explicitly creating a VPort is that you can specify the desired properties for that VPort while creating one, and you can also modify them after creation. On the other hand one can neither specify nor modify the properties of system VPorts.
See the CONCEPTS section above for more information on –T option.
A comma-separated list of VPort properties to set to the specified values on the VPort being created. Please see Virtual Port Properties section below for more information on the supported properties.
Removes the specified VPort. When a VPort is removed, the IP address and the MAC address associated with the VPort is released.
Note that if there is a VNIC associated with this VPort, then the removal of the VPort fails.
See the CONCEPTS section above for more information on –T option.
Resets the specified VPort. When a VPort is associated with a VNIC which actually does not exist, you can release this VPort by reseting it. A system VPort will be deleted on reset.
See the CONCEPTS section above for more information on –T option.
Show VPort information either for all the VPorts managed by the EVS controller or for the specified VPort.
A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:
Filters the VPort by tenant name
Filters the VPort by EVS name
Filters the VPort by VPort name
Filters the VPort by host name
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the VPort along with name of the EVS with which it is associated. It's of the form evsname/vportname.
Name of the VPort
Name of the EVS
Name of the tenant that owns the EVS
Whether VPort is used or free. A VPort is used if it has a VNIC associated with it. Otherwise it's free.
Name of the VNIC associated with the VPort.
The host that has the VNIC associated with the VPort.
Display using a stable machine-parseable format. The –o option is required with –c. See Parseable Output Format, below.
Sets the values of a property on the specified evsname. For the list of EVS properties and their possible values please see the EVS Properties section below. These properties can be retrieved using show-evsprop subcommand.
See the CONCEPTS section above for more information on –T option.
Name of the property to set to the specified values
Show the current values of one or more properties, either for all EVS or for the specified EVS. If no properties are specified, then all available EVS properties are displayed. For list of EVS properties see the EVS Properties section below.
A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:
Filters the EVS by tenant name
Filters the EVS by EVS name
Filters the EVS by host name
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the EVS
Name of the tenant that owns the EVS
Name of the EVS property
The read/write permissions of the property. The value shown is one of r- or rw.
The current property value. If the value is not set, it is shown as '--'. If it is unknown, the value is shown as '?'.
The default value of the property. If the pro- perty has no default value, '--' is shown.
A comma-separated list of the values the pro- perty can have. If the values span a numeric range, min - max might be shown as shorthand. If the possible values are unknown or unbounded, '--' is shown.
Sets the values of a property on the specified vportname. For the list of VPort properties and their possible values see the Virtual Port Properties section below. These properties can be retrieved using show-vportprop subcommand.
If the VPort has a VNIC connected to it, then setting the property on that VPort results in change of VNIC's property as well.
Note that changing the property of system VPort is not allowed. For more information on system VPort see add-vport subcommand.
See the CONCEPTS section above for more information on –T option.
Name of the property to set to the specified values
Show the current values of one or more properties, either for all VPorts or for the specified VPort. If no properties are specified, then all available VPort properties are displayed. For list of VPort properties see the Virtual Port Properties section below.
A comma-separated name-value pairs used to filter the output (Row selection). If multiple filters are specified, then the displayed output is a result of AND operation among the filters. If the filter value is multi-valued, then the displayed output is a result of OR operation among the filter values. The supported filters are:
Filters VPort by tenant name
Filters VPort by EVS name
Filters VPort by VPort name
Filters VPort by host name
A case-insensitive, comma-separated list of output fields to display (Column selection). The field name must be one of the fields listed below, or the special value all to display all fields.
Name of the VPort along with name of the EVS with which it is associated. It's of the form evsname/vportname.
Name of the VPort
Name of the EVS
Name of the tenant that owns the EVS
Name of the VPort property
The read/write permissions of the property. The value shown is one of r- or rw.
The current property value. If the value is not set, it is shown as '--'. If it is unknown, the value is shown as '?'.
The default value of the property. If the property has no default value, '--' is shown.
A comma-separated list of the values the pro- perty can have. If the values span a numeric range, min - max might be shown as shorthand. If the possible values are unknown or unbounded, '--' is shown.
Displays all the supported evsadm subcommands or usage for a given subcommand. If you invoke help for a specific subcommand, the command syntax is displayed. Using evsadm help without any argument displays all of the supported subcommands.
Many evsadm subcommands have an option that displays output in a machine-parseable format. The output format is one or more lines of colon (:) delimited fields. The fields displayed are specific to the subcommand used and are listed under the entry for the –o option for a given subcommand. Output includes only those fields requested by means of the –o option, in the order requested.
When you request multiple fields, any literal colon characters are escaped by a backslash (\) before being output. Similarly, literal backslash characters will also be escaped (\\). This escape format is parseable by using shell read(1) functions with the environment variable IFS=: (see EXAMPLES, below). Note that escaping is not done when you request only a single field.
These properties hold information that are essential for implementation of virtual switches or L2 segments across physical machines. For most properties, the scope or applicability is entire data center or global in nature. However, there are some properties, namely, uplink-port and vxlan-addr, whose values can be overridden on a per-host basis.
Defines how an EVS will be implemented across physical machines. The possible values are "vlan" or "vxlan". By default the l2-type is "vlan". Note that, changing a l2-type will not effect those EVSes that were created prior to change. Only the EVSes created after the change will have new l2-type. This means that L2 segments based off VLAN and VXLAN can co-exist.
To realize VLAN, all the VPorts of an EVS will be associated with the same VLAN ID. VLAN ID to use comes from the vlan-range property. This l2-type assumes that the physical network has been configured to send/receive packets on those VLANs or that a protocol like GVRP has been enabled in Oracle Solaris and on the switch fabric. Minimally, vlan-range and uplink-port must be specified. Otherwise, EVSes creation will fail.
To realize VXLAN, all the VPorts of an EVS will be associated with the same VXLAN ID. VXLAN ID to use comes from the vxlan-range property. Other VXLAN properties such as vxlan-addr, vxlan-group, vxlan-ipvers, and uplink-port influence how VXLAN will be created. Minimally, vxlan-range and either uplink-port or vxlan-addr must be specified. Otherwise EVSes creation will fail.
Comma-separated list of VLAN ID ranges that will be used for creating EVS. One VLAN ID will be consumed for every EVS created. VLAN ID provides isolation of packets between EVSes. Valid values are [1-4094].
Comma-separated list of VXLAN segment number ranges that can be used for creating EVS. One VXLAN segment number will be consumed for every EVS created. VXLAN segment number provides Layer 2 isolation between EVSes. Valid values are [0 - 16777215].
Specifies the IP address on top of which VXLAN datalink should be created. This can be set to a subnet address as well.
The multicast address that needs to be used while creating VXLAN links. The VXLAN link will use this address to discover other VXLAN links on the same VXLAN segment. If this property is not set, the default all-host address will be used by the VXLAN link.
Represents the IP version of the address that must be used for the IP interface that will host VXLAN datalinks. The possible values are "v4" and "v6". The default value is "v4".
Specifies the datalink to be used for VLANs or for VXLANs.
Represents the block of either IPv4 or IPv6 addresses. For IPv4, the value is specified as the standard IPv4 dotted-decimal form with prefix len, that is:
ddd.ddd.ddd.ddd/yy
Where, "ddd" is a one to three digit decimal number between 0 and 255, and "yy" is a one to two digit decimal number between 1 and 30.
For IPv6, the value is specified as the standard IPv6 text form with prefix len, that is:
ex:x:x:x:x:x:x:x/yyy
Where, "x"s are the hexadecimal values of the eight 16-bit pieces of the address, and "yy" is a one to three digit decimal number between 1 and 126.
Default router specifies the gateway's IP address for the given subnet. This is optional and when not specified the first address in the range will be selected as the default router IP address.
Sets the 802.1p priority on outbound packets on the virtual port. The values range from 0 to 7. When this property is set, all the outbound packets on the virtual port will have a VLAN tag with the priority field set to the property value. This can be used to provide differentiated services across VPorts.
Sets the full duplex bandwidth for the virtual port. The bandwidth is specified as an integer with one of the scale suffixes (K, M, or G for Kbps, Mbps, and Gbps). If no units are specified, the input value will be read as Mbps. The default is no bandwidth limit.
Sets the relative priority for the virtual port. The value can be given as one of the tokens high, medium, or low. The default is medium. This priority is not reflected in any protocol priority fields on the wire, but used for packet processing scheduling within the system. A high priority link offers a better latency depending on the availability of system resources.
Represents the IP address associated with the virtual port. When a VNIC connects to a VPort, this address will be applied to the VNIC. By default, the EVS Controller will automatically select an IP address from the IPnet associated with the EVS. If a Zone/VNIC needs to be assigned a particular IP address, then that can be achieved by manually setting the ipaddr to the desired IP address at the time of addition of the VPort to an EVS.
Once the VPort is created, its IP address cannot be changed through evsadm set-vportprop command.
Represents the MAC address associated with the virtual port. The VNIC that connects to this VPort basically inherits the MAC address from the VPort. By default, the EVS Controller will generate a random MAC address for the VPort. If a VNIC needs to be assigned a particular MAC address, then that can be achieved by manually setting the macaddr to the desired MAC address at the time of addition of the VPort to an EVS.
Once the VPort is created, its MAC address cannot be changed through evsadm set-vportprop command.
A read-only property that represents the EVS with which the VPort is associated.
A read-only property that represents the tenant with which the VPort is associated.
See "Virtual Port Properties" section above. This defines the default maxbw that will be associated with each virtual port of an EVS.
See "Virtual Port Properties" section above. This defines the default priority that will be associated with each virtual port of an EVS.
A read-only property that represents the tenant with which an EVS is associated.
In all the examples below, we are making an assumption that EVS Manager, EVS Controller, and EVS Node are all on the same node.
Example 1 Set the EVS Controller to Which evsadm Should Connect to# evsadm set-prop -p controller=ssh://evsuser@evs-controller.example.com
Now create the SSH keys for the user invoking evsadm using ssh-keygen(1). Copy over the $HOME/.ssh/id_rsa.pub to /var/user/evsuser/.ssh/authorized_keys. Now SSH to evs-controller.example.com as evsuser to verify whether you can connect without password (Note: answer the yes/no question popped by the SSH client).
# evsadm show-prop NAME VALUE DEFAULT controller ssh://evs-controller.example.com --Example 2 Setup the EVS Controller Such that the L2 Segments are Created by Using VLANs
Continuing from the above example, the controller now is evs-controller.example.com, and any changes made using set-controlprop command will be reflected on that controller.
# evsadm set-controlprop -p l2-type=vlan # evsadm set-controlprop -p vlan-range=200-300,400-500 # evsadm set-controlprop -p uplink-port=net2 # evsadm set-controlprop -h host2.example.com -p uplink-port=net3 # evsadm set-controlprop -h host3.example.com -p uplink-port=net4 NAME VALUE DEFAULT HOST l2-type vlan vxlan -- vlan-range 200-300,400-500 -- -- uplink-port net2 -- -- uplink-port net3 -- host2.example.com uplink-port net4 -- host3.example.com
VLAN IDs 200-300 and 400-500 have been set aside for EVSes. net2 is the uplink-port on all of the hosts except for host2.example.com and host3.example.com. On host2, net3 will be used as uplink-port, and on host3, net4 will be used as uplink-port.
Example 3 Setup the EVS Controller Such that L2 Segments are Created Using VXLANs# evsadm set-controlprop -p l2-type=vxlan # evsadm set-controlprop -p vxlan-range=20000-30000 # evsadm set-controlprop -p vxlan-addr=192.168.10.0/24 # evsadm show-controlprop -p l2-type,vxlan-range,vxlan-addr NAME VALUE DEFAULT HOST l2-type vxlan vxlan -- vxlan-range 20000-30000 -- -- vxlan-addr 192.168.10.0/24 0.0.0.0 --
VXLAN IDs 20000-30000 have been set aside for EVSes. An IP interface that is part of the subnet 192.168.10.0/24 will be used to create our VXLAN links.
Example 4 Create an EVS, Associate an IP subnet, Add a VPort to the EVS, and Connect a VNICBefore using evsadm, set the controller property.
# evsadm set-prop -p controller=ssh://evs-controller.example.com
Also, SSH authentication with pre-shared keys must be manually setup between RAD client and controller so that RAD client can connect to EVS controller non-interactively.
Now create an EVS with name HR.
# evsadm create-evs HR # evsadm show-evs HR EVS TENANT STATUS NVPORTS IPNETS HOST HR sys-global -- 0 -- --
Since no tenant name was provided, EVS was created under sys-global. It has no IP networks or VPorts associated with it.
Now create an IP network.
# evsadm add-ipnet -p subnet=192.168.13.0/24 HR/hr_ipnet # evsadm show-ipnet NAME TENANT SUBNET DEFROUTER AVAILRANGE HR/hr_ipnet sys-global 192.168.13.0/24 192.168.13.1 192.168.13.2-192.168.13.254
Now add a VPort to HR.
# evsadm add-vport HR/vport0 # evsadm show-vport NAME TENANT STATUS VNIC HOST HR/vport0 sys-global free -- -- # evsadm show-vport -o name,macaddr,ipaddr NAME MACADDR IPADDR HR/vport0 2:8:20:95:1:de 192.168.13.2/24
evsadm with no subcommands prints the following output.
# evsadm NAME TENANT STATUS VNIC IP HR sys-global -- -- hr_ipnet vport0 -- free -- 192.168.13.2/24
Now connect a VNIC vnic0 to HR/vport0.
# dladm create-vnic -t -c HR/vport0 vnic0 # dladm show-vnic -c LINK TENANT EVS VPORT OVER MACADDRESS VIDS vnic0 sys-global HR vport0 evs-vxlan200 2:8:20:95:1:de 0 # dladm show-linkprop -p allowed-ips vnic0 LINK PROPERTY PERM VALUE EFFECTIVE DEFAULT POSSIBLE vnic0 allowed-ips rw 192.168.13.2 192.168.13.2 -- --
Note how allowed-ips of vnic0 is set with the VPort's IP address.
Now set the VPort's maxbw property to 1G and see how it reflects on vnic0.
# dladm show-linkprop -p maxbw vnic0 LINK PROPERTY PERM VALUE EFFECTIVE DEFAULT POSSIBLE vnic0 maxbw rw -- -- -- -- # evsadm set-vportprop -p maxbw=1G HR/vport0 # dladm show-linkprop -p maxbw vnic0 LINK PROPERTY PERM VALUE EFFECTIVE DEFAULT POSSIBLE vnic0 maxbw rw 1000 1000 -- --Example 5 Display Properties of an EVS
# evsadm show-evsprop HR
EVS TENANT PROPERTY PERM VALUE DEFAULT POSSIBLE
HR sys-global maxbw rw -- -- --
HR sys-global priority rw -- medium low,medium,
high
HR sys-global tenant r- sys-global -- --
Example 6 Display Properties of a VPort
# evsadm show-vportprop HR/ NAME TENANT PROPERTY PERM VALUE DEFAULT POSSIBLE HR/vport0 sys-global cos rw 3 0 0-7 HR/vport0 sys-global maxbw rw -- -- 10K- HR/vport0 sys-global priority rw -- medium low,medium, HR/vport0 sys-global ipaddr r- 192.168.13.2/24 -- -- HR/vport0 sys-global macaddr r- 2:8:20:5c:cb:a5 -- -- HR/vport0 sys-global evs r- HR -- -- HR/vport0 sys-global tenant r- sys-global -- --Example 7 Remove a Virtual Port
# evsadm remove-vport HR/vport0
Note that, if the vport is being used, then the above operation will fail.
Example 8 Delete an IPnet# evsadm remove-ipnet HR/hr_ipnet
Note that, if an IP address in the IP subnet is being used, then the above operation will fail.
Example 9 Delete an EVS# evsadm delete-evs HR
Note that, if VPorts of an EVS is being used, then the above operation will fail.
Example 10 Create an EVS for a Tenant and Associate an IPnet and VPortThe following example creates an EVS evsA for a tenant tenantA, and associates 192.168.100.0/24 as IPnet with it, and a VPort with maxbw of 1G.
# evasdm create-evs -T tenantA evsA # evsadm add-ipnet -T tenantA -p subnet=192.168.100.0/24 evsA/ipnetA # evsadm add-vport -T tenantA -p maxbw=1G evsA/vport0 # evsadm NAME TENANT STATUS VNIC IP HOST evsA tenantA -- -- ipnetA -- vport0 -- free -- 192.168.100.2/24 -- # evsadm show-vport NAME TENANT STATUS VNIC HOST evsA/vport0 tenantA free -- -- # evsadm show-ipnet NAME TENANT SUBNET DEFROUTER AVAILRANGE evsA/ipnetA tenantA 192.168.100.0/24 192.168.100.1 192.168.100.3-192.168.100.254
See attributes (5) for descriptions of the following attributes:
|
evsstat(1M), dladm(1M), zonecfg(1M), rad(1M), attributes(5), prof_attr(4), ssh-keygen(1),