ProHoster > Блог > Gudanarwa > Yin aiki da kai na sabis na cibiyar sadarwa ko yadda ake gina dakin gwaje-gwaje ta amfani da OpenDaylight, Postman da Vrnetlab
Yin aiki da kai na sabis na cibiyar sadarwa ko yadda ake gina dakin gwaje-gwaje ta amfani da OpenDaylight, Postman da Vrnetlab
A cikin wannan labarin, zan nuna muku yadda ake saitawa Buɗe hasken rana don yin aiki tare da kayan aikin cibiyar sadarwa, da kuma nuna yadda ake amfani da su Wasikun Postman da sauki RESTCONF buƙatun, ana iya sarrafa wannan kayan aikin. Ba za mu yi aiki da hardware ba, amma a maimakon haka za mu tura ƙananan dakunan gwaje-gwaje masu kama da na'ura mai ba da hanya tsakanin hanyoyin sadarwa guda ɗaya da ke amfani da su Vrnetlab ya wuce Ubuntu 20.04 LTS.
Zan fara nuna cikakken saitunan ta amfani da misalin na'ura mai ba da hanya tsakanin hanyoyin sadarwa Juniper vMX 20.1R1.11, sa'an nan kuma mu kwatanta shi da saitin Cisco xRV9000 7.0.2.
Abubuwa
Ilimin da ake bukata
Sashe na 1: tattauna a takaice OpenRaylight (nan gaba ODL), Wasikun Postman и Vrnetlab kuma me yasa muke bukatar su
Sashe na 2: bayanin dakin gwaje-gwaje na kama-da-wane
Sashe na 3: siffanta Buɗe hasken rana
Sashe na 4: siffanta Vrnetlab
Sashe na 5: ta hanyar amfani Wasikun Postman Haɗa Virtual Router (Juniper vMX) Ku ODL
Sashe na 6: samu kuma canza tsarin na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta amfani da Wasikun Postman и ODL
Sashe na 7: ƙara Cisco xRV9000
ƙarshe
PS
Littafi Mai Tsarki
Ilimin da ake bukata
Domin kada labarin ya zama takarda, na bar wasu cikakkun bayanai na fasaha (tare da hanyoyin haɗi zuwa wallafe-wallafen inda za ku iya karantawa game da su).
Dangane da wannan, ina ba ku batutuwan da zai yi kyau (amma kusan ba lallai ba ne) ku sani kafin karanta:
Buɗe dandali na SDN don sarrafawa da sarrafa kowane nau'in hanyoyin sadarwa, mai goyan bayan Gidauniyar Linux
Java a ciki
Dangane da Model-Driven Service Level Abstraction (MD-SAL)
Yana amfani da ƙirar YANG don ƙirƙirar APIs RESTCONF ta atomatik don na'urorin cibiyar sadarwa
Babban tsarin gudanarwa na cibiyar sadarwa. Ta hanyarsa ne za mu yi sadarwa tare da na'urorin haɗi. Gudanarwa ta hanyar API ɗinsa.
Kuna iya karanta ƙarin game da Opendaylight a nan.
Kayan aikin gwajin API
Sauƙi kuma mai sauƙin amfani da dubawa
A cikin yanayinmu, muna sha'awar shi azaman hanyar aika buƙatun REST zuwa API na Opendaylight. Kuna iya, ba shakka, aika buƙatun da hannu, amma a cikin ma'aikacin gidan waya komai ya bayyana a sarari kuma ya dace da manufofinmu daidai.
Ga waɗanda suke so su tono: an rubuta kayan horo da yawa akansa (misali).
Kayan aiki don tura manyan hanyoyin sadarwa a Docker
Yana goyan bayan: Cisco XRv, Juniper vMX, Arista vEOS, Nokia VSR, da sauransu.
Open Source
Wani kayan aiki mai ban sha'awa amma kaɗan da aka sani. A cikin yanayinmu, za mu yi amfani da shi don gudanar da Juniper vMX da Cisco xRV9000 akan Ubuntu 20.04 LTS na yau da kullun.
A cikin wannan koyawa, za mu kafa tsarin mai zuwa:
Ta yaya wannan aikin
Juniper vMX ya tashi Docker akwati (ta hanyar Vrnetlab) kuma yana aiki azaman mafi yawan na'ura mai ba da hanya tsakanin hanyoyin sadarwa.
ODL haɗa zuwa na'ura mai ba da hanya tsakanin hanyoyin sadarwa kuma yana ba ku damar sarrafa shi.
Wasikun Postman kaddamar a kan wani na'ura daban kuma ta wurinsa muke aika umarni ODL: don haɗa / cire na'ura mai ba da hanya tsakanin hanyoyin sadarwa, canza tsarin aiki, da sauransu.
Sharhi kan na'urar tsarin
Juniper vMX и ODL suna buƙatar albarkatu masu yawa don kwanciyar hankalin aikinsu. Daya kawai vMX yana neman 6GB na RAM da 4 cores. Saboda haka, an yanke shawarar matsar da duk "masu nauyi" zuwa na'ura daban (Kamfanin Heulet Packard MicroServer ProLiant Gen8, Ubuntu 20.04 LTS). Mai ba da hanya tsakanin hanyoyin sadarwa, ba shakka, ba ya "tashi" akan shi, amma aikin ya isa ga ƙananan gwaje-gwaje.
Sashe na 3: Saita Hasken Rana
Sigar ODL na yanzu a lokacin wannan rubutun shine Magnesium SR1
1) Shigarwa Java Bude JDK 11 (don ƙarin cikakken shigarwa a nan)
ubuntu:~$ sudo apt install default-jdk
2) Nemo kuma zazzage sabon gini ODLdaga nan
3) Cire kayan tarihin da aka sauke
4) Je zuwa wurin da aka samu
5) Kaddamarwa ./bin/karaf
A wannan mataki ODL ya kamata a fara kuma za mu sami kanmu a cikin na'ura mai kwakwalwa (ana amfani da tashar jiragen ruwa 8181 don samun dama daga waje, wanda za mu yi amfani da shi daga baya).
Na gaba, shigar Siffofin ODLtsara don aiki tare da ladabi NETCONF и RESTCONF. Don yin wannan a cikin na'ura wasan bidiyo ODL muna aiwatar da:
Don sanyawa Vrnetlab clone madaidaicin ma'ajiyar daga github:
ubuntu:~$ cd ~
ubuntu:~$ git clone https://github.com/plajjan/vrnetlab.git
Je zuwa kundin adireshi vrnetlab:
ubuntu:~$ cd ~/vrnetlab
Anan zaka iya ganin duk rubutun da ake buƙata don aiki. Lura cewa an yi kundin adireshi mai dacewa ga kowane nau'in na'ura mai ba da hanya tsakanin hanyoyin sadarwa:
Ƙirƙiri hoton na'ura mai ba da hanya tsakanin hanyoyin sadarwa
Kowane na'ura mai ba da hanya tsakanin hanyoyin sadarwa da ke da tallafi Vrnetlab, yana da tsarin saitin sa na musamman. Yaushe Juniper vMX kawai muna buƙatar loda tarihin .tgz tare da na'ura mai ba da hanya tsakanin hanyoyin sadarwa (zaku iya sauke shi daga na aikin site) zuwa vmx directory kuma gudanar da umarni make:
ubuntu:~$ cd ~/vrnetlab/vmx
ubuntu:~$ # Копируем в эту директорию .tgz архив с роутером
ubuntu:~$ sudo make
Gina hoto vMX zai ɗauki kimanin minti 10-20. Lokaci ya yi da za a je samun kofi!
"Wannan shi ne saboda karo na farko da aka fara VCP (Control Plane), yana karanta fayil ɗin daidaitawa wanda ke ƙayyade ko zai yi aiki a matsayin VRR VCP a cikin vMX. A baya, an yi wannan ƙaddamarwa a lokacin farawa Docker, amma wannan yana nufin cewa VCP koyaushe ana sake kunna shi sau ɗaya kafin na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta sami samuwa, wanda ya haifar da dogon lokacin taya (kimanin mintuna 5) Yanzu ana yin aikin farko na VCP yayin gina hoton Docker, kuma tunda ginin Docker ba zai iya gudana tare da - Zaɓin zaɓi, wannan yana nufin cewa qemu yana aiki ba tare da haɓaka kayan aikin KVM ba kuma don haka ginin yana ɗaukar lokaci mai tsawo. ba shi da ban tsoro sosai saboda muna ƙirƙirar hoto sau ɗaya, amma muna ƙaddamar da da yawa."
Bayan zaku iya ganin hoton hanyar sadarwar mu a ciki Docker:
ubuntu:~$ sudo docker image list
REPOSITORY TAG IMAGE ID CREATED SIZE
vrnetlab/vr-vmx 20.1R1.11 b1b2369b453c 3 weeks ago 4.43GB
debian stretch 614bb74b620e 7 weeks ago 101MB
Kaddamar da akwati vr-vmx
Mun fara da umarnin:
ubuntu:~$ sudo docker run -d --privileged --name jun01 b1b2369b453c
Na gaba, zamu iya ganin bayani game da kwantena masu aiki:
ubuntu:~$ sudo docker container list
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
120f882c8712 b1b2369b453c "/launch.py" 2 minutes ago Up 2 minutes (unhealthy) 22/tcp, 830/tcp, 5000/tcp, 10000-10099/tcp, 161/udp jun01
Haɗa zuwa na'ura mai ba da hanya tsakanin hanyoyin sadarwa
Ana iya samun adireshin IP na cibiyar sadarwa na mai ba da hanya tsakanin hanyoyin sadarwa tare da umarni mai zuwa:
Default, Vrnetlab yana haifar da mai amfani akan na'ura mai ba da hanya tsakanin hanyoyin sadarwa vrnetlab/VR-netlab9.
Haɗawa da ssh:
ubuntu:~$ ssh [email protected]
The authenticity of host '172.17.0.2 (172.17.0.2)' can't be established.
ECDSA key fingerprint is SHA256:g9Sfg/k5qGBTOX96WiCWyoJJO9FxjzXYspRoDPv+C0Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '172.17.0.2' (ECDSA) to the list of known hosts.
Password:
--- JUNOS 20.1R1.11 Kernel 64-bit JNPR-11.0-20200219.fb120e7_buil
vrnetlab> show version
Model: vmx
Junos: 20.1R1.11
Wannan yana kammala saitin na'ura mai ba da hanya tsakanin hanyoyin sadarwa.
Ana iya samun shawarwarin shigarwa don masu amfani da hanyoyin sadarwa na dillalai daban-daban a aikin github a cikin kundayen adireshi.
Sashe na 5: Postman - haɗa na'ura mai ba da hanya tsakanin hanyoyin sadarwa zuwa Opendaylight
Shigar da ma'aikacin gidan waya
Don shigar, kawai zazzage aikace-aikacen daga nan.
Haɗa na'ura mai ba da hanya tsakanin hanyoyin sadarwa zuwa ODL
Mu yi halitta saka nema:
Zaren tambaya:
PUT http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01
Waɗannan sunaye ne na ciki XML (XML sunan yankin) don ODL bisa ga abin da ya haifar da kumburi.
Bugu da ari, bi da bi, sunan na'ura mai ba da hanya tsakanin hanyoyin sadarwa ne node-id, adireshin mai amfani da hanyar sadarwa - rundunar da sauransu.
Layi mafi ban sha'awa shine na ƙarshe. Tsarin-cache-directory yana ƙirƙirar kundin adireshi inda ake zazzage duk fayiloli Tsarin YANG na'ura mai ba da hanya tsakanin hanyoyin sadarwa. Kuna iya samun su a ciki $ODL_ROOT/cache/jun01_cache.
Duba haɗin na'ura mai ba da hanya tsakanin hanyoyin sadarwa
Mu yi halitta SAMU nema:
Zaren tambaya:
GET http://10.132.1.202:8181/restconf/operational/network-topology:network-topology/topology/topology-netconf/
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
Muna aikawa. Ya kamata a sami matsayi na "200 Ok" da jerin duk abin da na'urar ke tallafawa Tsarin YANG:
comment: Don ganin karshen, a cikin akwati na ya zama dole a jira kimanin minti 10 bayan kisan sakahar sai duka YANG tsarin sauke kaya ODL. Har zuwa wannan lokacin, lokacin yin wannan SAMU tambaya za ta nuna mai zuwa:
Share na'ura mai ba da hanya tsakanin hanyoyin sadarwa
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
Sashe na 6: Canja tsarin na'ura mai ba da hanya tsakanin hanyoyin sadarwa
Samun tsari
Mu yi halitta SAMU nema:
Zaren tambaya:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
Muna aikawa. Ya kamata a sami matsayi "200 Ok" da tsarin na'ura mai ba da hanya tsakanin hanyoyin sadarwa:
Ƙirƙiri tsari
A matsayin misali, bari mu ƙirƙiri wannan tsari kuma mu gyara shi:
protocols {
bgp {
disable;
shutdown;
}
}
Mu yi halitta POST nema:
Zaren tambaya:
POST http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
A shafin Headers, kuna buƙatar ƙara masu kai biyu:
Karɓi aikace-aikace/xml
Aikace-aikacen nau'in abun ciki/xml
Bayan aikawa, yakamata su sami matsayin "204 Babu abun ciki"
Don bincika cewa saitin ya canza, zaku iya amfani da tambayar da ta gabata. Amma alal misali, za mu ƙirƙiri wani wanda zai nuna bayanai kawai game da ka'idojin da aka saita akan na'ura mai ba da hanya tsakanin hanyoyin sadarwa.
Mu yi halitta SAMU nema:
Zaren tambaya:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
Bayan aiwatar da buƙatar, za mu ga masu zuwa:
Canja saitin
Bari mu canza bayani game da ka'idar BGP. Bayan ayyukanmu, zai yi kama da haka:
protocols {
bgp {
disable;
}
}
Mu yi halitta saka nema:
Zaren tambaya:
PUT http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/jun01/yang-ext:mount/junos-conf-root:configuration/junos-conf-protocols:protocols
Kar a manta da canza masu kai kan shafin Headers zuwa:
Karɓi aikace-aikacen/json
Aikace-aikacen nau'in abun ciki/json
Bayan aikawa, za mu sami sakamako mai zuwa (Mun kalli amsar ta amfani da SAMU nema):
Sashe na 7: Ƙara Cisco xRV9000
Me muke duka game da Juniper, eh Juniper? Bari muyi magana game da Cisco!
Na samo nau'in xRV9000 7.0.2 ( dabbar da ke buƙatar 8Gb RAM da kuma cores 4. Ba a samuwa kyauta, don haka tuntuɓi Cisco) - bari mu gudanar da shi.
Gudun akwati
Tsarin ƙirƙirar kwandon Docker kusan bai bambanta da Juniper ba. Hakazalika, muna sauke fayil ɗin .qcow2 tare da na'ura mai ba da hanya tsakanin hanyoyin sadarwa zuwa cikin kundin adireshin da ya dace da sunansa (a cikin wannan yanayin, xrv9k) kuma muna aiwatar da umarnin. make docker-image.
Bayan 'yan mintoci kaɗan, mun ga cewa an ƙirƙiri hoton:
ubuntu:~$ sudo docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
vrnetlab/vr-xrv9k 7.0.2 54debc7973fc 4 hours ago 1.7GB
vrnetlab/vr-vmx 20.1R1.11 b1b2369b453c 4 weeks ago 4.43GB
debian stretch 614bb74b620e 7 weeks ago 101MB
Mun fara kwantena:
ubuntu:~$ sudo docker run -d --privileged --name xrv01 54debc7973fc
Bayan ɗan lokaci, mun ga cewa kwandon ya fara:
ubuntu:~$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
058c5ecddae3 54debc7973fc "/launch.py" 4 hours ago Up 4 hours (healthy) 22/tcp, 830/tcp, 5000-5003/tcp, 10000-10099/tcp, 161/udp xrv01
Haɗa ta hanyar ssh:
ubuntu@ubuntu:~$ ssh [email protected]
Password:
RP/0/RP0/CPU0:ios#show version
Mon Jul 6 12:19:28.036 UTC
Cisco IOS XR Software, Version 7.0.2
Copyright (c) 2013-2020 by Cisco Systems, Inc.
Build Information:
Built By : ahoang
Built On : Fri Mar 13 22:27:54 PDT 2020
Built Host : iox-ucs-029
Workspace : /auto/srcarchive15/prod/7.0.2/xrv9k/ws
Version : 7.0.2
Location : /opt/cisco/XR/packages/
Label : 7.0.2
cisco IOS-XRv 9000 () processor
System uptime is 3 hours 22 minutes
Haɗa na'ura mai ba da hanya tsakanin hanyoyin sadarwa zuwa Opendaylight
Ƙara yana faruwa a cikin kwatankwacin hanya tare da vMX. Muna buƙatar canza sunaye kawai. saka nema:
Kira bayan ɗan lokaci SAMU tambaya don bincika cewa komai yana haɗe:
Canja saitin
Bari mu saita tsari mai zuwa:
!
router ospf LAB
mpls ldp auto-config
!
Mu yi halitta POST nema:
Zaren tambaya:
POST http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ipv4-ospf-cfg:ospf
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
A shafin Headers, kuna buƙatar ƙara masu kai biyu:
Karɓi aikace-aikacen/json
Aikace-aikacen nau'in abun ciki/json
Bayan aiwatar da shi, yakamata su sami matsayin "204 Babu abun ciki".
Mu duba abin da muka samu.
Don yin wannan, za mu ƙirƙira SAMU nema:
Zaren tambaya:
GET http://10.132.1.202:8181/restconf/config/network-topology:network-topology/topology/topology-netconf/node/xrv01/yang-ext:mount/Cisco-IOS-XR-ipv4-ospf-cfg:ospf
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
Bayan aiwatarwa, ya kamata ku ga abubuwa masu zuwa:
A kan shafin izini, dole ne ka saita siga Basic Auth da login/password: admin/admin.
ƙarshe
Gabaɗaya, kamar yadda wataƙila kun lura, hanyoyin haɗa Cisco da Juniper zuwa OpenDaylight ba su bambanta ba - wannan yana buɗe babban fa'ida don kerawa. Farawa daga sarrafa tsarin duk abubuwan cibiyar sadarwa kuma yana ƙarewa tare da ƙirƙirar manufofin cibiyar sadarwar ku.
A cikin wannan koyawa, na ba da misalai mafi sauƙi na yadda za ku iya mu'amala da kayan aikin cibiyar sadarwa ta amfani da OpenDaylight. Ba tare da shakka ba, tambayoyin daga misalan da ke sama za a iya ƙara haɓaka sosai kuma saita duk sabis tare da dannawa ɗaya na linzamin kwamfuta - komai yana iyakance kawai ta tunanin ku *
A ci gaba…
PS
Idan kun riga kun san duk waɗannan ba zato ba tsammani ko, akasin haka, kun shiga cikin ruhin ODL, to ina ba da shawarar neman haɓaka aikace-aikace akan mai sarrafa ODL. Kuna iya farawa daga nan.