在 Ubuntu 上使用 ifupdown2

ifupdown2 改进了标准 Debian 和 Ubuntu 实例的网络配置，并且自 2.1 版本以来一直是 Cumulus Linux 的标准接口配置工具。本文介绍如何在 Ubuntu 主机上安装 ifupdown2。

验证 Ubuntu 版本

在开始安装之前，请验证实例上安装的 Ubuntu 版本

user@host:~$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.3 LTS"

请按照以下适用于您安装的 Ubuntu 版本的说明进行操作。

在 Ubuntu 主机上安装 ifupdown2

Ubuntu 16.04 Xenial

Ubuntu 16.04 的默认软件包列表包含 ifupdown2。该软件包可在此处获得：ifupdown2。

1. 在编辑器中打开 /etc/apt/sources.list。

2. 取消注释以下行，并保存文件

    deb http://us.archive.ubuntu.com/ubuntu/ xenial universe
   

3. 更新 Ubuntu 实例

   user@host:~$ sudo apt-get update
   

4. 安装 ifupdown2 软件包

   user@host:~$ sudo apt-get install ifupdown2
   

5. 确保 systemd 文件中存在以下配置

   [Unit]
   Description=ifupdown2 init script
       
   [Service]
   Type=oneshot
   ExecStart=/sbin/ifup -a
   ExecStop=/sbin/ifdown -a
   RemainAfterExit=yes
       
   [Install]
   WantedBy=multi-user.target
   

Ubuntu 14.04 Trusty

Ubuntu 14.04 的默认软件包列表不包含 ifupdown2。但是，由于 Ubuntu 16.04 包含它，您可以通过升级来解决此限制。

1. 输入 root 帐户。以下说明中的其余命令假定使用 root 帐户。

2. 将 Ubuntu Xenial 源添加到您的 Ubuntu Trusty 安装

   root@host# echo "deb http://us.archive.ubuntu.com/ubuntu/ xenial universe" > /etc/apt/sources.list.d/xenial.list
   

3. 更新 Ubuntu 软件包缓存。您可能会在输出中看到警告，可以忽略这些警告

   root@host# apt-get update
   <snip>
   Ign http://us.archive.ubuntu.com trusty/multiverse Translation-en_US
   Ign http://us.archive.ubuntu.com trusty/restricted Translation-en_US
   Ign http://us.archive.ubuntu.com trusty/universe Translation-en_US
   Reading package lists... Done 
   W: Unknown Multi-Arch type 'no' for package 'libkf5akonadisearch-bin'
   W: Ignoring Provides line with DepCompareOp for package php-psr-http-message-implementation
   W: Ignoring Provides line with DepCompareOp for package php-psr-log-implementation
   W: Ignoring Provides line with DepCompareOp for package php-math-biginteger
   W: Unknown Multi-Arch type 'no' for package 'libkf5akonadisearch-bin'
   W: You may want to run apt-get update to correct these problems
   

4. 重要提示：在初始配置之后，存储库在安装软件包时具有相同的优先级，从而导致安装最新的 (Xenial) 软件包。由于本文的目标是仅安装 ifupdown2，因此此步骤确保您首先安装 Trusty 软件包。

   在继续之前，您必须提高 Trusty 存储库的优先级或降低 Xenial 存储库的优先级。以下示例步骤显示如何降低 Xenial 存储库的优先级，确保您首先安装 Trusty 软件包，并且仅在没有 Trusty 软件包时才安装 Xenial 软件包

   1. 创建一个名为 /etc/apt/preferences.d/xenial 的文件，并将以下文本添加到该文件，然后保存该文件

      Explanation: give xenial a low priority number
      Package: *
      Pin: release a=xenial
      Pin-Priority: 100
      

      或者，运行此命令以执行相同的任务

      root@host# echo -e "Explanation: give xenial a low priority number\nPackage: *\nPin: release a=xenial\nPin-Priority: 100\n" > /etc/apt/preferences.d/xenial
      

   2. 验证 Xenial 软件包是否不覆盖所有其他软件包。以下示例使用 Ansible 软件包进行验证，因为 Trusty (Ansible 1.5.4) 和 Xenial (Ansible 1.9.4) 上提供了不同的版本

      root@host# apt-cache policy ansible
      ansible:
        Installed: (none)
        Candidate: 1.5.4+dfsg-1
        Version table:
           1.9.4-1 0
              100 http://us.archive.ubuntu.com/ubuntu/ xenial/universe amd64 Packages
           1.7.2+dfsg-1~ubuntu14.04.1 0
              100 http://us.archive.ubuntu.com/ubuntu/ trusty-backports/universe amd64 Packages
           1.5.4+dfsg-1 0
              500 http://us.archive.ubuntu.com/ubuntu/ trusty/universe amd64 Packages
      

      上面的 Candidate 是 1.5.4，您将 Xenial 优先级从 500 降低到 100，这意味着 Xenial 软件包不覆盖 Trusty 存储库软件包。

5. 安装 ifupdown2 软件包依赖项

   root@host# apt-get install python-ipaddr python-argcomplete python-gvgen python-mako  
   

6. 保持 ifupdown 软件包

   root@host# echo ifupdown hold | dpkg --set-selections
   

7. 下载 ifupdown2 软件包：

   root@host# apt-get download ifupdown2
   

8. 手动安装 ifupdown2 软件包

   root@host# dpkg --force-conflicts --force-depends --force-overwrite -i ./ifupdown2*.deb
   Selecting previously unselected package ifupdown2.
   dpkg: considering removing ifupdown in favour of ifupdown2 ...
   dpkg: warning: ignoring dependency problem with removal of ifupdown:
    upstart depends on ifupdown (>= 0.6.10ubuntu5)
    ifupdown is to be removed.
       
   Package ifupdown is on hold, not touching it. Use --force-hold to override.
   dpkg: regarding .../ifupdown2_1.0~git20151029-1_all.deb containing ifupdown2:
    ifupdown2 conflicts with ifupdown
    ifupdown (version 0.7.47.2ubuntu4.1) is present and installed.
       
   dpkg: warning: ignoring conflict, may proceed anyway!
   (Reading database ... 197912 files and directories currently installed.)
   Preparing to unpack .../ifupdown2_1.0~git20151029-1_all.deb ...
   Unpacking ifupdown2 (1.0~git20151029-1) ...
   Replacing files in old package ifupdown (0.7.47.2ubuntu4.1) ...
   dpkg: ifupdown2: dependency problems, but configuring anyway as you requested:
    ifupdown2 depends on init-system-helpers (>= 1.18~); however:
    Version of init-system-helpers on system is 1.14.
       
   Setting up ifupdown2 (1.0~git20151029-1) ...
   Installing new version of config file /etc/init.d/networking ...
   update-rc.d: warning: default start runlevel arguments (2 3 4 5) do not match networking Default-Start values (S)
   Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
   Processing triggers for ureadahead (0.100.0-16) ...
   ureadahead will be reprofiled on next reboot
   

9. 检查已安装的 ifupdown2 软件包中的“Depends”和“Conflicts”行。

   root@host# grep -A 34 "Package: ifupdown2" /var/lib/dpkg/status
   Package: ifupdown2
   Status: install ok installed
   Priority: optional
   Section: admin
   Installed-Size: 595
   Maintainer: Ubuntu Developers 
   Architecture: all
   Version: 1.0~git20151029-1
   Replaces: ifupdown
   Provides: ifupdown
   Depends: python:any (>= 2.7.5-5~), init-system-helpers (>= 1.18~), python-argcomplete, python-ipaddr
   Suggests: python-gvgen, python-mako
   Conflicts: ifupdown
   Conffiles:
   /etc/default/networking/networking.default 76a6935f125a8db5cbcddee1d422fc81
   /etc/init.d/networking 703fab9e50c7c539efc6e1ce6b9c7633
   /etc/network/ifupdown2/addons.conf c39be66aa58f59b4343c9dc6541043fe
   /etc/network/ifupdown2/ifupdown2.conf 85fd2d75c77c6b68438a16888ae08510
   Description: Network Interface Management tool similar to ifupdown
    ifupdown2 is ifupdown re-written in Python. It replaces ifupdown and provides
    the same user interface as ifupdown for network interface configuration.
    Like ifupdown, ifupdown2 is a high level tool to configure (or, respectively
    deconfigure) network interfaces based on interface definitions in
    /etc/network/interfaces. It is capable of detecting network interface
    dependencies and comes with several new features which are available as
    new command options to ifup/ifdown/ifquery commands. It also comes with a new
    command ifreload to reload interface configuration with minimum
    disruption. Most commands are also capable of input and output in JSON format.
    It is backward compatible with ifupdown /etc/network/interfaces format and
    supports newer simplified format. It also supports interface templates with
    python-mako for large scale interface deployments. See
    /usr/share/doc/ifupdown2/README.rst for details about ifupdown2. Examples
    are available under /usr/share/doc/ifupdown2/examples.
    Original-Maintainer: Roopa Prabhu 
    Homepage: https://github.com/CumulusNetworks/ifupdown2

10. 可选：此时，您需要修改软件包管理器对 ifupdown2 软件包的依赖项和冲突的理解。这需要在 /var/lib/dpkg/status 文件中进行两个非常精确的编辑。为了确保这些编辑产生期望的更改，首先确认您在步骤 11 中执行的两个查找和替换操作都只有一个实例要替换。

    root@host# grep -c "Conflicts: ifupdown" /var/lib/dpkg/status
    1
    root@host# grep -c "Depends: python:any (>= 2.7.5-5~), init-system-helpers (>= 1.18~), python-argcomplete, python-ipaddr" /var/lib/dpkg/status
    1
    

11. 通过使用 sed 命令查找和替换两行（在步骤 9 中以红色显示），使用新的依赖项和冲突信息更新软件包管理器以获取 ifupdown2 软件包

    root@host# sed -i "s/Depends: python:any (>= 2.7.5-5~), init-system-helpers (>= 1.18~), python-argcomplete, python-ipaddr/Depends: python:any (>= 2.7.5-5~), init-system-helpers (>= 1.14~), python-argcomplete, python-ipaddr/g" /var/lib/dpkg/status
    
    root@host# sed -i "/Conflicts: ifupdown/d" /var/lib/dpkg/status
    

12. 确认您已成功编辑文件。请注意，与步骤 9 相比，您已将最低要求的 init-system-helpers 版本从 1.18 更改为 1.14，并且您删除了 Conflicts 行

    root@host# grep -A 34 "Package: ifupdown2" /var/lib/dpkg/status
    Package: ifupdown2
    Status: install ok installed
    Priority: optional
    Section: admin
    Installed-Size: 595
    Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
    Architecture: all
    Version: 1.0~git20151029-1
    Replaces: ifupdown
    Provides: ifupdown
    Depends: python:any (>= 2.7.5-5~), init-system-helpers (>= 1.14~), python-argcomplete, python-ipaddr
    Suggests: python-gvgen, python-mako
    Conffiles:
     /etc/default/networking/networking.default 76a6935f125a8db5cbcddee1d422fc81
     /etc/init.d/networking 703fab9e50c7c539efc6e1ce6b9c7633
     /etc/network/ifupdown2/addons.conf c39be66aa58f59b4343c9dc6541043fe
     /etc/network/ifupdown2/ifupdown2.conf 85fd2d75c77c6b68438a16888ae08510
    Description: Network Interface Management tool similar to ifupdown
     ifupdown2 is ifupdown re-written in Python. It replaces ifupdown and provides
     the same user interface as ifupdown for network interface configuration.
     Like ifupdown, ifupdown2 is a high level tool to configure (or, respectively
     deconfigure) network interfaces based on interface definitions in
     /etc/network/interfaces. It is capable of detecting network interface
     dependencies and comes with several new features which are available as
     new command options to ifup/ifdown/ifquery commands. It also comes with a new
     command ifreload to reload interface configuration with minimum
     disruption. Most commands are also capable of input and output in JSON format.
     It is backward compatible with ifupdown /etc/network/interfaces format and
     supports newer simplified format. It also supports interface templates with
     python-mako for large scale interface deployments. See
     /usr/share/doc/ifupdown2/README.rst for details about ifupdown2. Examples
     are available under /usr/share/doc/ifupdown2/examples.
    Original-Maintainer: Roopa Prabhu <roopa@cumulusnetworks.com>
    Homepage: https://github.com/CumulusNetworks/ifupdown2
    

13. 禁用 Xenial 软件包存储库，直到您再次需要它

    root@host# sed -i "s/deb/#deb/g" /etc/apt/sources.list.d/xenial.list
    

14. 再次更新 Ubuntu 软件包缓存，以从软件包缓存中删除 Xenial 源。

    root@host# apt-get update
    

验证 ifupdown2

ifupdown2 安装完成后，您可以使用 ifupdown2 特定的命令进行测试和验证

user@host:~$ sudo ifquery -ra
auto lo
iface lo inet loopback
    mtu 65536

auto eth0
iface eth0
    address 10.50.10.160/24
    link-speed 1000
    link-duplex full
    link-autoneg on

安装其他工具

此外，您可以安装 brctl 和 bridge 命令，以便主机更像 Cumulus Linux。这些命令使您可以获取信息并配置您的网桥

user@host:~$ sudo apt-get install bridge-utils

您现在可以像在 Cumulus Linux 中一样查看主机上的网桥

user@host:~$ ifquery -a
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto bridge
iface bridge
    bridge-ports eth1
    bridge-stp on

使用 brctl 命令查看网桥 STP 状态

user@host:~$ brctl show
bridge name bridge id       STP enabled interfaces
bridge      8000.080027d73d5d   yes     eth1

移除 ifupdown2

1. 以正常的 Debian/Ubuntu 方式移除软件包

   sudo apt-get remove ifupdown2
   

2. 仅在 Ubuntu 14.04 上:

   sudo apt-get install ifupdown --reinstall
   

延伸阅读

• 比较 ifupdown2 命令和 ifupdown 命令
• Debian 上的 ifupdown2