이 페이지의 내용
CLI를 통해 JCNR 모니터링
요약 이 주제에는 JCNR 컨트롤러(cRPD) CLI에 액세스하고 운영 명령을 실행하기 위한 지침이 포함되어 있습니다.
JCNR 컨트롤러(cRPD) CLI 액세스
실행 중인 cRPD 컨테이너의 셸에 액세스하여 클라우드 네이티브 라우터 컨트롤러의 명령줄 인터페이스(CLI)에 액세스할 수 있습니다.
아래 명령은 예제로 제공됩니다. 환경에서 cRPD Pod 이름을 바꿔야 합니다. 명령 출력은 환경에 따라 다를 수 있습니다.
클러스터에서 실행 중인 K8s Pod 나열
kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE contrail-deploy contrail-k8s-deployer-7b5dd699b9-nd7xf 1/1 Running 0 41m contrail contrail-vrouter-masters-dfxgm 3/3 Running 0 41m jcnr kube-crpd-worker-ds-8tnf7 1/1 Running 0 41m jcnr syslog-ng-54749b7b77-v24hq 1/1 Running 0 41m kube-system calico-kube-controllers-57b9767bdb-5wbj6 1/1 Running 2 (92d ago) 129d kube-system calico-node-j4m5b 1/1 Running 2 (92d ago) 129d kube-system coredns-8474476ff8-fpw78 1/1 Running 2 (92d ago) 129d kube-system dns-autoscaler-7f76f4dd6-q5vdp 1/1 Running 2 (92d ago) 129d kube-system kube-apiserver-5a5s5-node2 1/1 Running 3 (92d ago) 129d kube-system kube-controller-manager-5a5s5-node2 1/1 Running 4 (92d ago) 129d kube-system kube-multus-ds-amd64-4zm5k 1/1 Running 2 (92d ago) 129d kube-system kube-proxy-l6xm8 1/1 Running 2 (92d ago) 129d kube-system kube-scheduler-5a5s5-node2 1/1 Running 4 (92d ago) 129d kube-system nodelocaldns-6kwg5 1/1 Running 2 (92d ago) 129d
cRPD 포드의 이름을 복사합니다(kube-crpd-worker-ds-8tnf7
이 예에서는 출력 ). Pod 이름을 사용하여 실행 중인 컨테이너의 셸에 연결합니다.
cRPD CLI에 연결합니다
kubectl exec
명령을 실행하여 실행 중인 컨테이너의 셸에 액세스합니다.
kubectl exec -n <namespace> -it <pod name> --container <container name> -- bash
여기서 <namespace> 는 파드가 실행 중인 네임스페이스를 식별하고, <파드 이름> 은 파드의 이름을 지정하며 , <컨테이너 이름> 은 컨테이너의 이름을 지정한다(파드에 둘 이상의 컨테이너가 있는 경우 지정됨).
cRPD Pod에는 실행 중인 컨테이너가 하나만 있습니다. 다음은 예제 명령입니다.
kubectl exec -n jcnr -it kube-crpd-worker-ds-8tnf7 -- bash
위 명령의 결과는 다음과 유사해야 합니다.
Defaulted container "kube-crpd-worker" out of: kube-crpd-worker, jcnr-crpd-config (init), install-cni (init)
===>
Containerized Routing Protocols Daemon (CRPD)
Copyright (C) 2020-2022, Juniper Networks, Inc. All rights reserved.
<===
root@jcnr-01:/#
이제 cRPD의 셸에 연결되었습니다. 다른 Junos 기반 셸과 마찬가지로, 물리적 Junos OS 디바이스의 콘솔에 연결된 것과 동일한 방식으로 클라우드 네이티브 라우터의 운영 모드에 액세스합니다.
root@jcnr-01:/# cli root@jcnr-cni>
show 명령 예
다음은 실행할 수 있는 몇 가지 show 명령의 예입니다.
show interfaces terse Interface@link Oper State Addresses __crpd-brd1 UNKNOWN fe80::acbf:beff:fe8a:e046/64 cali1b684d67bd4@if3 UP fe80::ecee:eeff:feee:eeee/64 cali34cf41e29bb@if3 UP fe80::ecee:eeff:feee:eeee/64 docker0 DOWN 172.17.0.1/16 eno1 UP 10.102.70.146/24 fe80::a94:efff:fe79:dcae/64 eno2 UP eno3 UP 10.1.1.1/24 fe80::a94:efff:fe79:dcac/64 eno3v1 UP eno4 DOWN enp0s20f0u1u6 UNKNOWN ens2f0 DOWN ens2f1 DOWN erspan0@NONE DOWN eth0 UNKNOWN 169.254.143.126/32 fe80::b4db:eeff:fe78:9f43/64 gre0@NONE UNKNOWN gretap0@NONE DOWN ip6tnl0@NONE UNKNOWN fe80::74b6:2cff:fea7:d850/64 irb DOWN kube-ipvs0 DOWN 10.233.0.1/32 10.233.0.3/32 10.233.35.229/32 lo UNKNOWN 127.0.0.1/8 ::1/128 lsi UNKNOWN fe80::cc59:6dff:fe9c:4db3/64 nodelocaldns DOWN 169.254.25.10/32 sit0@NONE UNKNOWN ::169.254.143.126/96 ::10.233.91.64/96 ::172.17.0.1/96 ::10.102.70.146/96 ::10.1.1.1/96 ::127.0.0.1/96 tunl0@NONE UNKNOWN vxlan.calico UNKNOWN 10.233.91.64/32 fe80::64c6:34ff:fecd:3522/64
show configuration routing-instances vswitch { instance-type virtual-switch; bridge-domains { bd100 { vlan-id 100; } bd200 { vlan-id 200; } bd300 { vlan-id 300; } bd700 { vlan-id 700; interface enp59s0f1v0; } bd701 { vlan-id 701; } bd702 { vlan-id 702; } bd703 { vlan-id 703; } bd704 { vlan-id 704; } bd705 { vlan-id 705; } } interface bond0; }
show bridge ? Possible completions: mac-table Show media access control table statistics Show bridge statistics information
show bridge mac-table ? Possible completions: <[Enter]> Execute this command count Number of MAC address mac-address MAC address in the format XX:XX:XX:XX:XX:XX vlan-id Display MAC address learned on a specified VLAN or 'all-vlan' | Pipe through a command
show bridge mac-table Routing Instance : default-domain:default-project:ip-fabric:__default__ Bridging domain VLAN id : 3002 MAC MAC Logical address flags interface 00:00:5E:00:53:01 D bond0
show bridge statistics ? Possible completions: <[Enter]> Execute this command vlan-id Display statistics for a particular vlan (1..4094) | Pipe through a command
show bridge statistics Bridge domain vlan-id: 100 Local interface: bond0 Broadcast packets Tx : 0 Rx : 0 Multicast packets Tx : 0 Rx : 0 Unicast packets Tx : 0 Rx : 0 Broadcast bytes Tx : 0 Rx : 0 Multicast bytes Tx : 0 Rx : 0 Unicast bytes Tx : 0 Rx : 0 Flooded packets : 0 Flooded bytes : 0 Local interface: ens1f0v1 Broadcast packets Tx : 0 Rx : 0 Multicast packets Tx : 0 Rx : 0 Unicast packets Tx : 0 Rx : 0 Broadcast bytes Tx : 0 Rx : 0 Multicast bytes Tx : 0 Rx : 0 Unicast bytes Tx : 0 Rx : 0 Flooded packets : 0 Flooded bytes : 0 Local interface: ens1f3v1 Broadcast packets Tx : 0 Rx : 0 Multicast packets Tx : 0 Rx : 0 Unicast packets Tx : 0 Rx : 0 Broadcast bytes Tx : 0 Rx : 0 Multicast bytes Tx : 0 Rx : 0 Unicast bytes Tx : 0 Rx : 0 Flooded packets : 0
show firewall filter filter1 Filter : filter1 vlan-id : 3001 Term Packet t1 0
show configuration firewall:firewall family { bridge { filter filter1 { term t1 { from { destination-mac-address 10:30:30:30:30:31; source-mac-address 10:30:30:30:30:30; ether-type oam; } then { discard; } } } } }
show route 172.68.20.2/32 table nad1.inet nad1.inet.0: 11 destinations, 15 routes (11 active, 0 holddown, 0 hidden) @ = Routing Use Only, # = Forwarding Use Only + = Active Route, - = Last Active, * = Both 172.68.20.2/32 @[BGP/170] 00:00:23, localpref 100, from 1.1.1.220 AS path: I, validation-state: unverified > via Tunnel Composite, UDP (src 1.1.1.35 dest 1.1.1.220), Push 48 [BGP/170] 00:13:18, localpref 100, from 1.1.24.24 AS path: I, validation-state: unverified > via Tunnel Composite, UDP (src 1.1.1.35 dest 1.1.24.24), Push 16 #[Multipath/255] 00:00:23, metric2 2 via Tunnel Composite, UDP (src 1.1.1.35 dest 1.1.1.220), Push 48 > via Tunnel Composite, UDP (src 1.1.1.35 dest 1.1.24.24), Push 16
show interfaces routing enp216s0f0 Interface State Addresses enp216s0f0 Up MPLS enabled ISO enabled INET 192.168.123.3 INET6 2001:192:168:123::3 INET6 fe80::42a6:b7ff:fe2c:a448
show dynamic-tunnels database *- Signal Tunnels #- PFE-down Table: inet.3 Destination-network: 1.1.1.220/32 Destination-network: 1.1.24.24/32 Tunnel to: 1.1.24.24/32 Reference count: 4 Next-hop type: UDP (forwarding-nexthop) Source address: 1.1.1.35 Next hop: v6 mapped, tunnel-composite, 0x557917afc91c, nhid 0 VPN Label: Push 16, Reference count: 2 Ingress Route: [OSPF] 1.1.24.24/32, via metric 2 Traffic Statistics: Packets 0, Bytes 0 State: Up Aggregate Traffic Statistics:
지우기 명령의 예
다음은 clear 명령의 몇 가지 예입니다.
clear bridge mac-table ? Possible completions: <[Enter]> Execute this command mac-address Clear specific MAC address vlan-id Clear mac-table for a specified vlan-id (1..4094) | Pipe through a command
clear bridge statistics ? Possible completions: <[Enter]> Execute this command vlan-id Clear L2 interface statistics for a specified vlan-id (1..4094) | Pipe through a command