3.2. 基本网络故障排除

流程

1. 在对 Ceph 存储集群中可能发生的网络问题进行故障排除时，安装 net-tools 和 telnet 软件包会有所帮助：

   示例

   [root@host01 ~]# dnf install net-tools
   [root@host01 ~]# dnf install telnet

2. 登录 cephadm shell，再验证 Ceph 配置文件中的 public_network 参数是否包含正确的值：

   示例

   [ceph: root@host01 /]# cat /etc/ceph/ceph.conf
   # minimal ceph.conf for 57bddb48-ee04-11eb-9962-001a4a000672
   [global]
   	fsid = 57bddb48-ee04-11eb-9962-001a4a000672
   	mon_host = [v2:10.74.249.26:3300/0,v1:10.74.249.26:6789/0] [v2:10.74.249.163:3300/0,v1:10.74.249.163:6789/0] [v2:10.74.254.129:3300/0,v1:10.74.254.129:6789/0]
   [mon.host01]
   public network = 10.74.248.0/21

3. 退出 shell 并验证网络接口是否已启动：

   示例

   [root@host01 ~]# ip link list
   1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
       link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
       link/ether 00:1a:4a:00:06:72 brd ff:ff:ff:ff:ff:ff

4. 验证 Ceph 节点能够使用它们的短主机名互相访问。在存储集群的每个节点上验证它：

   语法

   ping SHORT_HOST_NAME

   示例

   [root@host01 ~]# ping host02

5. 如果使用防火墙，请确保 Ceph 节点可以在相应的端口上相互访问。firewall-cmd 和 telnet 工具可以验证端口状态，以及端口是否分别打开：

   语法

   firewall-cmd --info-zone=ZONE
   telnet IP_ADDRESS PORT

   示例

   [root@host01 ~]# firewall-cmd --info-zone=public
   public (active)
     target: default
     icmp-block-inversion: no
     interfaces: ens3
     sources:
     services: ceph ceph-mon cockpit dhcpv6-client ssh
     ports: 9283/tcp 8443/tcp 9093/tcp 9094/tcp 3000/tcp 9100/tcp 9095/tcp
     protocols:
     masquerade: no
     forward-ports:
     source-ports:
     icmp-blocks:
     rich rules:
   
   [root@host01 ~]# telnet 192.168.0.22 9100

6. 验证接口计数器上没有错误。验证节点之间的网络连接具有预期的延迟，并且没有数据包丢失。

   1. 使用 ethtool 命令：

      语法

      ethtool -S INTERFACE

      示例

      [root@host01 ~]# ethtool -S ens3 | grep errors
      NIC statistics:
           rx_fcs_errors: 0
           rx_align_errors: 0
           rx_frame_too_long_errors: 0
           rx_in_length_errors: 0
           rx_out_length_errors: 0
           tx_mac_errors: 0
           tx_carrier_sense_errors: 0
           tx_errors: 0
           rx_errors: 0

   2. 使用 ifconfig 命令：

      示例

      [root@host01 ~]# ifconfig
      ens3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
              inet 10.74.249.26  netmask 255.255.248.0  broadcast 10.74.255.255
              inet6 fe80::21a:4aff:fe00:672  prefixlen 64  scopeid 0x20<link>
              inet6 2620:52:0:4af8:21a:4aff:fe00:672  prefixlen 64  scopeid 0x0<global>
              ether 00:1a:4a:00:06:72  txqueuelen 1000  (Ethernet)
              RX packets 150549316  bytes 56759897541 (52.8 GiB)
              RX errors 0  dropped 176924  overruns 0  frame 0
              TX packets 55584046  bytes 62111365424 (57.8 GiB)
              TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
      
      lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
              inet 127.0.0.1  netmask 255.0.0.0
              inet6 ::1  prefixlen 128  scopeid 0x10<host>
              loop  txqueuelen 1000  (Local Loopback)
              RX packets 9373290  bytes 16044697815 (14.9 GiB)
              RX errors 0  dropped 0  overruns 0  frame 0
              TX packets 9373290  bytes 16044697815 (14.9 GiB)
              TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

   3. 使用 netstat 命令：

      示例

      [root@host01 ~]# netstat -ai
      Kernel Interface table
      Iface             MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
      ens3             1500 311847720      0 364903 0      114341918      0      0      0 BMRU
      lo              65536 19577001      0      0 0      19577001      0      0      0 LRU

7. 对于性能问题，除了延迟检查和验证存储集群所有节点之间的网络带宽外，使用 iperf3 工具。iperf3 工具在服务器和客户端之间进行简单的点对点网络带宽测试。

   1. 在您要检查带宽的 Red Hat Ceph Storage 节点上安装 iperf3 软件包：

      示例

      [root@host01 ~]# dnf install iperf3

   2. 在 Red Hat Ceph Storage 节点上启动 iperf3 服务器：

      示例

      [root@host01 ~]# iperf3 -s
      -----------------------------------------------------------
      Server listening on 5201
      -----------------------------------------------------------

      注意

      默认端口为 5201，但可使用 -P 命令参数设置。

   3. 在不同的 Red Hat Ceph Storage 节点上，启动 iperf3 客户端：

      示例

      [root@host02 ~]# iperf3 -c mon
      Connecting to host mon, port 5201
      [  4] local xx.x.xxx.xx port 52270 connected to xx.x.xxx.xx port 5201
      [ ID] Interval           Transfer     Bandwidth       Retr  Cwnd
      [  4]   0.00-1.00   sec   114 MBytes   954 Mbits/sec    0    409 KBytes
      [  4]   1.00-2.00   sec   113 MBytes   945 Mbits/sec    0    409 KBytes
      [  4]   2.00-3.00   sec   112 MBytes   943 Mbits/sec    0    454 KBytes
      [  4]   3.00-4.00   sec   112 MBytes   941 Mbits/sec    0    471 KBytes
      [  4]   4.00-5.00   sec   112 MBytes   940 Mbits/sec    0    471 KBytes
      [  4]   5.00-6.00   sec   113 MBytes   945 Mbits/sec    0    471 KBytes
      [  4]   6.00-7.00   sec   112 MBytes   937 Mbits/sec    0    488 KBytes
      [  4]   7.00-8.00   sec   113 MBytes   947 Mbits/sec    0    520 KBytes
      [  4]   8.00-9.00   sec   112 MBytes   939 Mbits/sec    0    520 KBytes
      [  4]   9.00-10.00  sec   112 MBytes   939 Mbits/sec    0    520 KBytes
      - - - - - - - - - - - - - - - - - - - - - - - - -
      [ ID] Interval           Transfer     Bandwidth       Retr
      [  4]   0.00-10.00  sec  1.10 GBytes   943 Mbits/sec    0             sender
      [  4]   0.00-10.00  sec  1.10 GBytes   941 Mbits/sec                  receiver
      
      iperf Done.

      此输出显示红帽 Ceph 存储节点之间的网络带宽 1.1 Gbits/秒，测试期间不会再传输(Retr)。

      红帽建议您验证存储集群中所有节点之间的网络带宽。

8. 确保所有节点具有相同的网络互连速度。连接较慢的节点可能会减慢连接速度更快的节点。另外，确保交换机链接可以处理附加节点的聚合带宽：

   语法

   ethtool INTERFACE

   示例

   [root@host01 ~]# ethtool ens3
   Settings for ens3:
   Supported ports: [ TP ]
   Supported link modes:   10baseT/Half 10baseT/Full
                           100baseT/Half 100baseT/Full
                           1000baseT/Half 1000baseT/Full
   Supported pause frame use: No
   Supports auto-negotiation: Yes
   Supported FEC modes: Not reported
   Advertised link modes:  10baseT/Half 10baseT/Full
                           100baseT/Half 100baseT/Full
                           1000baseT/Half 1000baseT/Full
   Advertised pause frame use: Symmetric
   Advertised auto-negotiation: Yes
   Advertised FEC modes: Not reported
   Link partner advertised link modes:  10baseT/Half 10baseT/Full
                                        100baseT/Half 100baseT/Full
                                        1000baseT/Full
   Link partner advertised pause frame use: Symmetric
   Link partner advertised auto-negotiation: Yes
   Link partner advertised FEC modes: Not reported
   Speed: 1000Mb/s 1
   Duplex: Full 2
   Port: Twisted Pair
   PHYAD: 1
   Transceiver: internal
   Auto-negotiation: on
   MDI-X: off
   Supports Wake-on: g
   Wake-on: d
   Current message level: 0x000000ff (255)
          drv probe link timer ifdown ifup rx_err tx_err
   Link detected: yes 3