環(huán)境：

• 產(chǎn)品：FusionCube 500
• 版本：8.2.0.SPC100
• 場景：虛擬化基礎(chǔ)設(shè)施
• 平臺：FusionCompute
• 兩節(jié)點(diǎn) MCNA * 2
• 硬件部署（塔式交付場景）
• 免交換組網(wǎng)（配置AR卡）

前置準(zhǔn)備

組網(wǎng)規(guī)劃

節(jié)點(diǎn)說明

連接信號線纜（GPU模組場景）

軟件清單

地址規(guī)劃

默認(rèn)參數(shù)

AR卡配置

兩張AR卡除管理地址外，其他相同配置

sysname AR-10
#drop illegal-mac alarm
#
ipv6
#
vlan batch 4050
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name dot1xmac_authen_profile
authentication-profile name mac_authen_profile
authentication-profile name multi_authen_profile
authentication-profile name portal_authen_profile
#
dhcp enable
#
radius-server template default
#
pki realm defaultcertificate-check none
#
ssl policy default_policy type server     pki-realm defaultversion tls1.2 ciphersuite rsa_aes_128_sha256 rsa_aes_256_sha256 ecdhe_rsa_aes128_gcm_sha256 ecdhe_rsa_aes256_gcm_sha384 
#
acl name firewall 3001  rule 99 permit icmp rule 100 permit ip 
#
ike proposal defaultencryption-algorithm aes-256 aes-192 aes-128 dh group14 authentication-algorithm sha2-512 sha2-384 sha2-256 authentication-method pre-shareintegrity-algorithm hmac-sha2-256 prf hmac-sha2-256 
#
free-rule-template name default_free_rule
#
portal-access-profile name portal_access_profile
#
aaaauthentication-scheme defaultauthentication-mode localauthentication-scheme radius             authentication-mode radiusauthorization-scheme defaultauthorization-mode localaccounting-scheme defaultaccounting-mode nonelocal-aaa-user password policy administratorpassword history record number 0password alert before-expire 90password expire 365domain defaultauthentication-scheme defaultaccounting-scheme defaultradius-server defaultdomain default_adminauthentication-scheme defaultaccounting-scheme defaultlocal-user admin password irreversible-cipher $1a$Lu<k"V],m@$3WD#6hoY{/F<|%GG:}M0x\uVUripT!J0PjIf&kr&$local-user admin privilege level 15local-user admin ftp-directory flash:local-user admin service-type terminal ssh ftp httplocal-user administrator password irreversible-cipher $1a$gPNq!<&#%,${\=7'vc"bX`O_nHhsO{V+oqnVNK.-AWK%kTqh07>$local-user administrator privilege level 15local-user administrator ftp-directory flash:local-user administrator service-type terminal ssh ftp http
#
webset fast-configuration state disable
#
firewall zone untrustpriority 1
#
firewall zone trustpriority 15
#
firewall zone Local
#
firewall interzone trust untrustfirewall enablepacket-filter 3001 inbound
#
mi-server
#
interface Vlanif1ipv6 enableip address 192.168.40.25 255.255.254.0ipv6 address auto link-localipv6 address auto globalzone trust                               
#
interface Eth-Trunk1port hybrid tagged vlan 1 to 4094
#
interface GigabitEthernet0/0/0port hybrid tagged vlan 4050
#
interface GigabitEthernet0/0/1
#
interface GigabitEthernet0/0/2combo-port fibereth-trunk 1
#
interface GigabitEthernet0/0/3combo-port fibereth-trunk 1
#
interface GigabitEthernet0/0/4description WANzone untrust
#
interface GigabitEthernet0/0/5shutdown
#                                         
interface GigabitEthernet0/0/6stp edged-port enableundo negotiation auto
#
interface GigabitEthernet0/0/7stp edged-port enableundo negotiation auto
#
interface GigabitEthernet0/0/8stp edged-port enableundo negotiation auto
#
interface GigabitEthernet0/0/9stp edged-port enableundo negotiation auto
#
interface GigabitEthernet0/0/10description VirtualPortipv6 enableipv6 address auto link-localipv6 address auto global defaultip address dhcp-allocipv6 address auto dhcp
#                                         
interface XGigabitEthernet0/0/0port hybrid tagged vlan 4050stp edged-port enable
#
interface XGigabitEthernet0/0/1port hybrid tagged vlan 4050stp edged-port enable
#
interface XGigabitEthernet0/0/2port hybrid tagged vlan 4050stp edged-port enable
#
interface XGigabitEthernet0/0/3port hybrid tagged vlan 4050stp edged-port enable
#
interface NULL0
#
cellular profile defaultmodem auto-recovery dial action modem-reboot fail-times 128modem auto-recovery icmp-unreachable action modem-rebootmodem auto-recovery services-unavailable action modem-reboot test-times 0 interval 3600
#
undo icmp name timestamp-request receive  
#snmp-agent local-engineid 800007DB03509A887F2262snmp-agent group v3 huawei_group privacy write-view Huawei_view notify-view Huawei_viewsnmp-agent target-host trap-hostname aaa address 192.168.40.10 udp-port 10162 trap-paramsname abcsnmp-agent target-host trap-paramsname abc v3 securityname %^%#,UVE+tGAE0pDz+;[6c>0"e8k*}_4BS<H3MIpdAz4%^%# privacysnmp-agent mib-view Huawei_view include iso snmp-agent usm-user v3 fc2mgmtsnmp-agent usm-user v3 fc2mgmt group huawei_groupsnmp-agent usm-user v3 fc2mgmt authentication-mode sha2-256 %^%#Q#%}.1YsO57/0U"IZ,PKiTUD17H^AP82TcSxtjjC%^%#snmp-agent usm-user v3 fc2mgmt privacy-mode aes128 %^%#z[0uH3DW;:0DhMLY!xo<fc\"(mbR,AT;p5Sy>t&A%^%#snmp-agent trap source Vlanif1snmp-agent trap enablesnmp-agent extend error-code enablesnmp-agent permit interface allsnmp-agent 
#ssh user admin authentication-type passwordssh user administrator authentication-type passwordssh server compatible-ssh1x enablesftp server enable 
Nov 18 2024 09:44:55+00:00 AR-10 IFNET/1/IF_LINKUP:OID 1.3.6.1.6.3.1.1.5.4 Interface 15 turned into UP state.(AdminStatus=1,OperStatus=1,InterfaceName=XGigabitEthernet0/0/2) stelnet server enable ssh server permit interface all
#                                         
ip route-static 0.0.0.0 0.0.0.0 192.168.40.7
#
fib regularly-refresh disable
#
user-interface con 0authentication-mode aaa
user-interface vty 0 4authentication-mode aaauser privilege level 15
#
wlan actraffic-profile name defaultsecurity-profile name defaultsecurity-profile name default-wdssecurity wpa2 psk pass-phrase %^%#Nc-s~'BUv6\PFy58UJ!G5#MJ1^iY.OKSC)ZhF@HD%^%# aesssid-profile name defaultvap-profile name defaultwds-profile name defaultregulatory-domain-profile name defaultair-scan-profile name defaultrrm-profile name defaultradio-2g-profile name defaultradio-5g-profile name defaultwids-spoof-profile name defaultwids-profile name default                ap-system-profile name defaultport-link-profile name defaultwired-port-profile name defaultap-group name default
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
#
voice #enterprise default#diagnose
#
ops
#
autostart
#
secelog
#ms-channel #                                         
return

檢查iBMC的fc2mgm用戶

檢查節(jié)點(diǎn)BMC管理是否存在用戶“fc2mgmt”,如果沒有需要給節(jié)點(diǎn)BMC添加用戶“fc2mgmt”

升級節(jié)點(diǎn)固件

升級節(jié)點(diǎn)固件，包括但不限于BIOS、CPLD、iBMC到指定版本

安裝

FCB 需配置和iBMC同網(wǎng)段地址

修改FCB WebUI超時時間

使用瀏覽器登錄https://<fusioncube_builder_IP>:8443，輸入用戶admin和密碼，登錄部署工具界面。
選擇安裝場景和虛擬化平臺類型，使用默認(rèn)“FusionSphere”，點(diǎn)擊下一步

選擇自動發(fā)現(xiàn)，并輸入fc2mgmt用戶密碼

開始掃描發(fā)現(xiàn)節(jié)點(diǎn)

配置網(wǎng)絡(luò)：（使用管理平面和BMC平面合并部署）

檢驗(yàn)參數(shù)配置

上傳軟件并校驗(yàn)


校驗(yàn)通過后開始安裝

安裝軟件環(huán)境
上一步校驗(yàn)完成后，提示是否開始安裝，點(diǎn)擊“確定”開始安裝

2節(jié)點(diǎn)同時安裝

軟件安裝完成，點(diǎn)擊“完成”按鈕

顯示安裝成功

安裝完成后，此時FusionCompute平臺已經(jīng)可以登錄管理。

初始化FusionCube Vision

使用瀏覽器登錄FusionCube Vision管理浮動IP，輸入用戶名密碼admin\公共密碼(即fc2mgmt密碼)

點(diǎn)擊“初始化”按鈕

輸入公共密碼

添加證書 (安裝手冊下載證書并上傳)

信任主機(jī)

網(wǎng)絡(luò)初始化


設(shè)置數(shù)據(jù)冗余策略2副本

校驗(yàn)配置參數(shù)

校驗(yàn)配置參數(shù)，完成后點(diǎn)擊“初始化”按鈕

初始化完成，點(diǎn)擊“確定”按鈕

修改密碼

勾選“使用相同的密碼”

點(diǎn)擊“確定”完成初始化。