ãããããã«ïŒ
ä»åã¯ãããã¯ãŒã¯ã€ã³ãã©ã®èªååã«ã€ããŠã話ããããšæããŸããå°ãããªãããèªãé«ã 1 ã€ã®äŒç€Ÿã§éçšãããŠãããããã¯ãŒã¯ã®åäœå³ã瀺ããŸããå®éã®ãããã¯ãŒã¯æ©åšãšã®äžèŽã¯ãã¹ãŠã©ã³ãã ã§ãããã®ãããã¯ãŒã¯ã§çºçãããé·æã«ãããäºæ¥åæ¢ãšæ·±å»ãªçµæžçæ倱ã«ã€ãªããå¯èœæ§ã®ããäºäŸãèŠãŠãããŸãããã®ã±ãŒã¹ã®è§£æ±ºçã¯ãããããã¯ãŒã¯ ã€ã³ãã©ã¹ãã©ã¯ãã£ã®èªååããšããæŠå¿µã«éåžžã«ããåœãŠã¯ãŸããŸããèªååããŒã«ã䜿çšããŠãè€éãªåé¡ãçæéã§å¹æçã«è§£æ±ºããæ¹æ³ã瀺ãããããã®åé¡ããã®æ¹æ³ã§è§£æ±ºããå¿
èŠããããä»ã®æ¹æ³ã§ã¯è§£æ±ºããªãçç±ã (ã³ã³ãœãŒã«çµç±ã§) èå¯ããŸãã
å
責äºé
èªååã®ããã®äž»ãªããŒã«ã¯ãAnsible (èªååããŒã«ãšããŠ) ãš Git (Ansible Playbook ã®ãªããžããªãšããŠ) ã§ãã ããã¯ãAnsible ã Git ã®ããžãã¯ã«ã€ããŠè©±ããåºæ¬çãªããš (ããšãã°ãAnsible ã® roletaskimodulesãã€ã³ãã³ã㪠ãã¡ã€ã«ãå€æ°ãšã¯äœãããŸãã¯ã©ã®ãããªå Žåã«äœãèµ·ããããªã©) ã説æããå ¥éèšäºã§ã¯ãªãããšãããã«çä¿ããããšæããŸãã git Push ãŸã㯠git commit ã³ãã³ããå ¥åããŸã)ã ãã®è©±ã¯ãAnsible ãå®è·µããæ©åšäžã§ NTP ãŸã㯠SMTP ãæ§æããæ¹æ³ã«ã€ããŠã®è©±ã§ã¯ãããŸããã ããã¯ããããã¯ãŒã¯ã®åé¡ããšã©ãŒãªãè¿ éãã€ç¢ºå®ã«è§£æ±ºããæ¹æ³ã«ã€ããŠã®è©±ã§ãã ãŸãããããã¯ãŒã¯ãã©ã®ããã«æ©èœããããç¹ã« TCP/IPãOSPFãBGP ãããã³ã« ã¹ã¿ãã¯ãäœã§ããããããç解ããããšããå§ãããŸãã ãŸããAnsible ãš Git ã®éžæãæ¹çšåŒããé€å€ããŸãã ããã§ãç¹å®ã®ãœãªã¥ãŒã·ã§ã³ãéžæããå¿ èŠãããå Žåã¯ãããããã¯ãŒã¯ ããã°ã©ãããªãã£ãšèªååããšããæžç±ãèªãããšã匷ããå§ãããŸãã Skills for the Next-Generation Network EngineerãïŒãžã§ã€ãœã³ã»ãšãã«ãã³ãã¹ã³ããã»Sã»ããŠããããã»ãªãºã¯ã«ãèïŒã
ããŠãã€ã³ãã«ã
åé¡ã®å®åŒå
ç¶æ³ãæ³åããŠã¿ãŸããããåå 3 æã«ãããªãã¯ãã£ããç ã£ãŠããŠå€¢ãèŠãŠããŸãã é»è©±ã ãã¯ãã«ã«ãã£ã¬ã¯ã¿ãŒã¯æ¬¡ã®ããã«åŒã³ãããŠããŸãã
- ã¯ãïŒ
â ###ã####ã#####ããã¡ã€ã¢ãŠã©ãŒã« ã¯ã©ã¹ã¿ãŒãåæ¢ããèµ·åããŠããŸããã
ããªãã¯ç®ãããã£ãŠäœãèµ·ãã£ãŠããã®ããç解ããããšããã©ãããŠãããªããšãèµ·ããåŸãã®ãæ³åããããšããŸãã é»è©±ã§ã¯å±é·ã®é 髪ãè£ããé³ãèãããå°è»ãäºçªç·ã§é»è©±ããããŠããã®ã§æãè¿ããŠã»ãããšé Œãã ã
XNUMXååŸãããªãã¯å€åã·ããããæåã®å°å ¥ã¡ã¢ãéããèµ·ãããå šå¡ãèµ·ãããŸããã ãã®çµæããã¯ãã«ã«ãã£ã¬ã¯ã¿ãŒã¯åãã€ããããã¹ãŠãçŸç¶ã®ãŸãŸã§ããããã¡ã€ã¢ãŠã©ãŒã«ã®ã¡ã€ã³ã¯ã©ã¹ã¿ãŒã厩å£ããåºæ¬çãªäœã®åãã§æ£æ°ã«æ»ããŸããã§ããã äŒç€ŸãæäŸãããã¹ãŠã®ãµãŒãã¹ãæ©èœããŸããã
奜ã¿ã«åãããŠåé¡ãéžæããŠãã ããã誰ããéãããšãæãåºãã§ãããã ããšãã°ãéãè² è·ãããã£ãŠããªãç¶æ ã§äžæ©æŽæ°ããåŸã¯ããã¹ãŠãããŸãæ©èœããå šå¡ãæºè¶³ããŠå°±å¯ããŸããã ãããã¯ãŒã¯ ã«ãŒã ãã©ã€ããŒã®ãã°ã«ããããã©ãã£ãã¯ãæµãå§ããã€ã³ã¿ãŒãã§ã€ã¹ ãããã¡ãŒããªãŒããŒãããŒãå§ããŸããã
ãžã£ãããŒã»ãã§ã³ã¯ç¶æ³ãããŸã説æã§ããŸãã
ããããšãããžã£ãããŒã
ããŸã奜ãŸããç¶æ³ã§ã¯ãããŸãããã
ãããã¯ãŒã¯ä»²éã®æ²ããæãããã°ããå¿ããŠãããŸãããã
ã€ãã³ããããã«ã©ã®ããã«çºå±ãããã«ã€ããŠè©±ãåããŸãããã
è³æã®æ瀺é åºã¯æ¬¡ã®ãšããã§ãã
- ãããã¯ãŒã¯å³ãèŠãŠããããã©ã®ããã«æ©èœããããèŠãŠã¿ãŸãããã
- Ansible ã䜿çšããŠãããã«ãŒã¿ãŒããå¥ã®ã«ãŒã¿ãŒã«èšå®ã転éããæ¹æ³ã«ã€ããŠèª¬æããŸãã
- ITã€ã³ãã©å šäœã®èªååã«ã€ããŠã話ããŸãããã
ãããã¯ãŒã¯å³ãšèª¬æ
ã¹ããŒã
ç§ãã¡ã®çµç¹ã®è«çå³ãèããŠã¿ãŸãããã ç¹å®ã®æ©åšã¡ãŒã«ãŒã®ååã¯æããŸãããããã®èšäºã®ç®çã«ãšã£ãŠã¯éèŠã§ã¯ãããŸããã ïŒæ³šææ·±ãèªè
ãªããã©ã®ãããªçš®é¡ã®æ©åšã䜿çšãããŠãããæšæž¬ã§ããã§ãããïŒã ãã㯠Ansible ã䜿çšããããšã®è¯ãå©ç¹ã® XNUMX ã€ã«ãããŸãããéåžžãã»ããã¢ããæã«ã¯ããããã©ã®ãããªçš®é¡ã®æ©åšã§ãããã¯æ°ã«ãããŸããã ç解ããŠããã ãããã«ããã㯠CiscoãJuniperãCheck PointãFortinetãPalo Alto ãªã©ã®æåãªãã³ããŒã®æ©åšã§ããç¬èªã®ãªãã·ã§ã³ã§çœ®ãæããããšãã§ããŸãã
ãã©ãã£ãã¯ã移åããã«ã¯ã次㮠XNUMX ã€ã®äž»ãªã¿ã¹ã¯ããããŸãã
- äŒç€Ÿã®äºæ¥ã§ãããµãŒãã¹ã確å®ã«å ¬éããã
- æ¯åºããªã¢ãŒã ããŒã¿ ã»ã³ã¿ãŒããµãŒãããŒãã£çµç¹ (ããŒãããŒããã³ã¯ã©ã€ã¢ã³ã) ãšã®éä¿¡ãããã³äžå€®ãªãã£ã¹ãä»ããã€ã³ã¿ãŒããããžã®æ¯åºã®ã¢ã¯ã»ã¹ãæäŸããŸãã
åºæ¬çãªèŠçŽ ããå§ããŸãããã
- 01 å°ã®å¢çã«ãŒã¿ãŒ (BRD-02ãBRD-XNUMX)ã
- ãã¡ã€ã¢ãŠã©ãŒã« ã¯ã©ã¹ã¿ãŒ (FW-CLUSTER)ã
- ã³ã¢ã¹ã€ãã (L3-CORE);
- ã©ã€ãã©ã€ã³ãšãªãã«ãŒã¿ïŒåé¡è§£æ±ºã«äŒŽãããããã¯ãŒã¯èšå®ãFW-CLUSTERããEMERGENCYã«ç§»è¡ããŸãïŒïŒEMERGENCYïŒã
- ãããã¯ãŒã¯ ã€ã³ãã©ã¹ãã©ã¯ãã£ç®¡ççšã®ã¹ã€ãã (L2-MGMT)ã
- Git ãš Ansible ã䜿çšããä»®æ³ãã·ã³ (VM-AUTOMATION);
- Ansible (ã©ããããã ãªãŒãã¡ãŒã·ã§ã³) ã®ãã¬ã€ããã¯ã®ãã¹ããšéçºãå®è¡ãããã©ãããããã
ãããã¯ãŒã¯ã¯ã次ã®é åãæã€åç OSPF ã«ãŒãã£ã³ã° ãããã³ã«ã§æ§æãããŸãã
- ãšãªã¢ 0 â EXCHANGE ãŸãŒã³å ã®ãã©ãã£ãã¯ã®ç§»åãæ åœããã«ãŒã¿ãŒãå«ããšãªã¢ã
- ãšãªã¢ 1 â äŒæ¥ãµãŒãã¹ã®éçšãæ åœããã«ãŒã¿ãŒãå«ããšãªã¢ã
- ãšãªã¢ 2 â 管çãã©ãã£ãã¯ã®ã«ãŒãã£ã³ã°ãæ åœããã«ãŒã¿ãŒãå«ããšãªã¢ã
- ãšãªã¢ N â ãã©ã³ã ãããã¯ãŒã¯ã®ãšãªã¢ã
å¢çã«ãŒã¿ã§ã¯ãä»®æ³ã«ãŒã¿ (VRF-INTERNET) ãäœæããããã®äžã« eBGP ãã« ãã¥ãŒã察å¿ããå²ãåœãŠ AS ãšãšãã«ã€ã³ã¹ããŒã«ãããŸãã iBGP 㯠VRF éã«èšå®ãããŸãã å瀟ã¯ããããã® VRF-INTERNET ã§å ¬éãããŠãããã¯ã€ã ã¢ãã¬ã¹ã®ããŒã«ãæã£ãŠããŸãã ãã¯ã€ã ã¢ãã¬ã¹ã®äžéšã¯ FW-CLUSTER (äŒç€Ÿã®ãµãŒãã¹ãåäœããã¢ãã¬ã¹) ã«çŽæ¥ã«ãŒãã£ã³ã°ãããäžéšã¯ EXCHANGE ãŸãŒã³ (å€éš IP ã¢ãã¬ã¹ãå¿ èŠãšãã瀟å ãµãŒãã¹ãããã³ãªãã£ã¹ã®å€éš NAT ã¢ãã¬ã¹) ãä»ããŠã«ãŒãã£ã³ã°ãããŸãã 次ã«ããã©ãã£ãã¯ã¯ããã¯ã€ã ã¢ãã¬ã¹ãšã°ã¬ãŒ ã¢ãã¬ã¹ (ã»ãã¥ãªã㣠ãŸãŒã³) ãæ〠L3-CORE äžã«äœæãããä»®æ³ã«ãŒã¿ãŒã«éä¿¡ãããŸãã
管çãããã¯ãŒã¯ã¯å°çšã¹ã€ããã䜿çšããç©ççã«å°çšã®ãããã¯ãŒã¯ãè¡šããŸãã 管çãããã¯ãŒã¯ãã»ãã¥ãªã㣠ãŸãŒã³ã«åå²ãããŠããŸãã
EMERGENCY ã«ãŒã¿ã¯ãFW-CLUSTER ãç©ççããã³è«ççã«è€è£œããŸãã 管çãããã¯ãŒã¯ãåç
§ããã€ã³ã¿ãŒãã§ãŒã¹ãé€ãããã®äžã®ãã¹ãŠã®ã€ã³ã¿ãŒãã§ãŒã¹ãç¡å¹ã«ãªããŸãã
èªååãšãã®èª¬æ
ç§ãã¡ã¯ãããã¯ãŒã¯ãã©ã®ããã«æ©èœããããç解ããŸããã 次ã«ããã©ãã£ãã¯ã FW-CLUSTER ãã EMERGENCY ã«è»¢éããããã«äœããããã段éçã«èŠãŠã¿ãŸãããã
- FW-CLUSTER ã«æ¥ç¶ããã³ã¢ ã¹ã€ãã (L3-CORE) äžã®ã€ã³ã¿ãŒãã§ã€ã¹ãç¡å¹ã«ããŸãã
- L2-MGMT ã«ãŒãã« ã¹ã€ããã FW-CLUSTER ã«æ¥ç¶ããã€ã³ã¿ãŒãã§ã€ã¹ãç¡å¹ã«ããŸãã
- EMERGENCY ã«ãŒã¿ãŒãæ§æããŸã (ããã©ã«ãã§ã¯ãL2-MGMT ã«é¢é£ä»ããããŠããã€ã³ã¿ãŒãã§ãŒã¹ãé€ããã¹ãŠã®ã€ã³ã¿ãŒãã§ãŒã¹ãç¡å¹ã«ãªã£ãŠããŸã)ã
- ç·æ¥æã«ã€ã³ã¿ãŒãã§ãŒã¹ãæå¹ã«ããŸãã
- FW ã¯ã©ã¹ã¿ãŒäžã«ãã£ãå€éš IP ã¢ãã¬ã¹ (NAT çš) ãæ§æããŸãã
- gARP ãªã¯ãšã¹ããçæããŠãL3-CORE arp ããŒãã«å ã®ãã㌠ã¢ãã¬ã¹ã FW-Cluster ãã EMERGENCY ã«å€æŽãããããã«ããŸãã
- ããã©ã«ã ã«ãŒããéçãšã㊠BRD-01ãBRD-02 ã«ç»é²ããŸãã
- NAT ã«ãŒã«ãäœæããŸãã
- ç·æ¥ OSPF ãšãªã¢ 1 ã«åŒãäžããŸãã
- ç·æ¥ OSPF ãšãªã¢ 2 ã«åŒãäžããŸãã
- ãšãªã¢ 1 ãã 10 ã®ã«ãŒãã®ã³ã¹ããå€æŽããŸãã
- ãšãªã¢ 1 ã®ããã©ã«ã ã«ãŒãã®ã³ã¹ãã 10 ã«å€æŽããŸãã
- L2-MGMT ã«é¢é£ä»ãããã IP ã¢ãã¬ã¹ã (FW-CLUSTER äžã«ãã£ããã®ã«) å€æŽããŸãã
- L2-MGMT arp ããŒãã«å ã®ãã㌠ã¢ãã¬ã¹ã FW-CLUSTER ãã EMERGENCY ã«å€æŽãããããã«ãgARP ãªã¯ãšã¹ããçæããŸãã
ããäžåºŠãåé¡ã®å
ã®å®åŒåã«æ»ããŸãã ååXNUMXæãå€å€§ãªã¹ãã¬ã¹ãã©ã®æ®µéã§ããã¹ããããšæ°ããªåé¡ã«ã€ãªããå¯èœæ§ããããŸãã CLI çµç±ã§ã³ãã³ããå
¥åããæºåã¯ã§ããŸããã? ã¯ãïŒ ãªãŒã±ãŒãå°ãªããšãé¡ãããããã³ãŒããŒã飲ã¿ãæå¿åã奮ãç«ãããŠãã ããã
ãã«ãŒã¹ãã¿ããªãå©ããŠãã ããã
ããã§ãããç§ãã¡ã¯èªååã®æ¹åãç¶ããŠããŸãã
以äžã¯ãPlaybook ã Ansible ã®èŠ³ç¹ããã©ã®ããã«æ©èœãããã瀺ãå³ã§ãã ãã®ã¹ããŒã ã¯äžã§èª¬æããå
容ãåæ ããŠãããAnsible ã®ç¹å®ã®å®è£
ã«ãããŸããã
ãã®æ®µéã§ãäœãããå¿
èŠãããããèªèãããã¬ã€ããã¯ãéçºãããã¹ããå®æœããŸããããããŠä»ããããç«ã¡äžããæºåãæŽããŸããã
ããäžã€ã®å°ããªåæ çãªäœè«ã 話ã®ç°¡åããã誀解ãæããŠã¯ãããŸããã ãã¬ã€ããã¯ãäœæããããã»ã¹ã¯ãæã£ãã»ã©åçŽã§ãè¿ éã§ããããŸããã§ããã ãã¹ãã«ã¯ããªãã®æéãããããä»®æ³ã¹ã¿ã³ããäœæããããœãªã¥ãŒã·ã§ã³ãäœåºŠããã¹ããããçŽ 100 åã®ãã¹ããå®è¡ãããŸããã
èµ·åããŸããã...ãã¹ãŠãéåžžã«é ãèµ·ãã£ãŠãããšããæèŠããããã©ããã«ãšã©ãŒããããæçµçã«ã¯äœããæ©èœããŸããã ãã©ã·ã¥ãŒãã§ãžã£ã³ããããã®ã«ããã©ã·ã¥ãŒããããã«éããªãâŠããã¯æ£åžžã§ãã
次ã«ãAnsible ãã¬ã€ããã¯ã®å®è¡ãããæäœã®çµæãèªã¿åããŸã (IP ã¢ãã¬ã¹ã¯æ©å¯ä¿æã®ããã«çœ®ãæããããŠããŸã)ã
[xxx@emergency ansible]$ ansible-playbook -i /etc/ansible/inventories/prod_inventory.ini /etc/ansible/playbooks/emergency_on.yml
PLAY [------->Emergency on VCF] ********************************************************
TASK [vcf_junos_emergency_on : Disable PROD interfaces to FW-CLUSTER] *********************
changed: [vcf]
PLAY [------->Emergency on MGMT-CORE] ************************************************
TASK [mgmt_junos_emergency_on : Disable MGMT interfaces to FW-CLUSTER] ******************
changed: [m9-03-sw-03-mgmt-core]
PLAY [------->Emergency on] ****************************************************
TASK [mk_routeros_emergency_on : Enable EXT-INTERNET interface] **************************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Generate gARP for EXT-INTERNET interface] ****************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Enable static default route to EXT-INTERNET] ****************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Change NAT rule to EXT-INTERNET interface] ****************
changed: [m9-04-r-04] => (item=12)
changed: [m9-04-r-04] => (item=14)
changed: [m9-04-r-04] => (item=15)
changed: [m9-04-r-04] => (item=16)
changed: [m9-04-r-04] => (item=17)
TASK [mk_routeros_emergency_on : Enable OSPF Area 1 PROD] ******************************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Enable OSPF Area 2 MGMT] *****************************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Change OSPF Area 1 interfaces costs to 10] *****************
changed: [m9-04-r-04] => (item=VLAN-1001)
changed: [m9-04-r-04] => (item=VLAN-1002)
changed: [m9-04-r-04] => (item=VLAN-1003)
changed: [m9-04-r-04] => (item=VLAN-1004)
changed: [m9-04-r-04] => (item=VLAN-1005)
changed: [m9-04-r-04] => (item=VLAN-1006)
changed: [m9-04-r-04] => (item=VLAN-1007)
changed: [m9-04-r-04] => (item=VLAN-1008)
changed: [m9-04-r-04] => (item=VLAN-1009)
changed: [m9-04-r-04] => (item=VLAN-1010)
changed: [m9-04-r-04] => (item=VLAN-1011)
changed: [m9-04-r-04] => (item=VLAN-1012)
changed: [m9-04-r-04] => (item=VLAN-1013)
changed: [m9-04-r-04] => (item=VLAN-1100)
TASK [mk_routeros_emergency_on : Change OSPF area1 default cost for to 10] ******************
changed: [m9-04-r-04]
TASK [mk_routeros_emergency_on : Change MGMT interfaces ip addresses] ********************
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n.254', u'name': u'VLAN-803'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+1.254', u'name': u'VLAN-805'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+2.254', u'name': u'VLAN-807'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+3.254', u'name': u'VLAN-809'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+4.254', u'name': u'VLAN-820'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+5.254', u'name': u'VLAN-822'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+6.254', u'name': u'VLAN-823'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+7.254', u'name': u'VLAN-824'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+8.254', u'name': u'VLAN-850'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+9.254', u'name': u'VLAN-851'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+10.254', u'name': u'VLAN-852'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+11.254', u'name': u'VLAN-853'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+12.254', u'name': u'VLAN-870'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+13.254', u'name': u'VLAN-898'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+14.254', u'name': u'VLAN-899'})
TASK [mk_routeros_emergency_on : Generate gARPs for MGMT interfaces] *********************
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n.254', u'name': u'VLAN-803'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+1.254', u'name': u'VLAN-805'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+2.254', u'name': u'VLAN-807'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+3.254', u'name': u'VLAN-809'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+4.254', u'name': u'VLAN-820'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+5.254', u'name': u'VLAN-822'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+6.254', u'name': u'VLAN-823'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+7.254', u'name': u'VLAN-824'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+8.254', u'name': u'VLAN-850'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+9.254', u'name': u'VLAN-851'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+10.254', u'name': u'VLAN-852'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+11.254', u'name': u'VLAN-853'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+12.254', u'name': u'VLAN-870'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+13.254', u'name': u'VLAN-898'})
changed: [m9-04-r-04] => (item={u'ip': u'Ñ
.Ñ
.n+14.254', u'name': u'VLAN-899'})
PLAY RECAP ************************************************************************
å®äºïŒ
å®éããŸã å®å šã«æºåãæŽã£ãŠããããã§ã¯ãããŸãããåçã«ãŒãã£ã³ã° ãããã³ã«ã®åæãšãFIB ãžã®å€æ°ã®ã«ãŒãã®ããŒããå¿ããªãã§ãã ããã ç§ãã¡ã¯ããã«ãããªã圱é¿ãäžããããšã¯ã§ããŸããã åŸ ã£ãŠãã ããã¯ããŸããããŸããã ããã§æºåå®äºã§ãã
ãããŠããã©ããæïŒãããã¯ãŒã¯èšå®ã®èªååãæãŸãªãïŒã§ã¯ãç¿æŽããç¶ããŠããŸãã Bruce æ° (確ãã«ããã§ã«å€ãã£ãŠããŸãããããã§ãã¯ãŒã«ãªããã§ã¯ãããŸãã) ã¯ãæ©åšã®æåã«ããåæ§æãã©ã®çšåºŠå¿ èŠã«ãªãããç解ããããšããŠããŸãã
ãŸããäžã€éèŠãªç¹ã«ã€ããŠã話ãããããšæããŸãã ã©ãããã°ãã¹ãŠãåãæ»ãããšãã§ããã§ãããã? ãã°ããããŠãããFW-CLUSTER ã埩掻ãããŸãã ããã¯ããã¯ã¢ããã§ã¯ãªãã¡ã€ã³ã®æ©åšã§ããããããã¯ãŒã¯ã¯ãã®äžã§çšŒåããå¿
èŠããããŸãã
ãããã¯ãŒã«ãŒãããã«çãå°œãå§ããŠããããæããŸãã? ãã¯ãã«ã«ãã£ã¬ã¯ã¿ãŒã¯ããªãããããã¹ãã§ã¯ãªãã®ãããªãåŸããã§ããã®ããäœåãã®è°è«ãèãããšã«ãªãã§ãããã æ®å¿µãªããšã«ãããã¯ãããã¯ãŒã¯ãããã€ãŠã®è±ªè¯ãã®ããããæçãæ®éªžã®æããã©ã®ããã«æ©èœãããã§ãã ãããã¯ãŒã¯ãã«ãã«ãªããŸãã ãã®ç¹å®ã®ç¶æ³ã§ã¯ãªããååãšããŠãIT ã¹ãã·ã£ãªã¹ããšããŠã®ç§ãã¡ã®äžè¬çãªã¿ã¹ã¯ã¯ããããã¯ãŒã¯ã®ä»äºãçŸããè±èªã®ãäžè²«æ§ããšããèšèã§è¡šçŸããããšã§ããããã¯éåžžã«å€é¢çã§ããäžè²«æ§ããšèš³ããŸãã ãäžè²«æ§ãè«çæ§ãéŠå°Ÿäžè²«æ§ãäœç³»æ§ãæ¯èŒå¯èœæ§ãéŠå°Ÿäžè²«æ§ã ããã¯ãã¹ãŠåœŒã«é¢ãããã®ã§ãã ãã®ç¶æ ã§ã®ã¿ãããã¯ãŒã¯ã¯ç®¡çå¯èœãšãªããäœãã©ã®ããã«æ©èœããããæ確ã«ç解ããäœãå€æŽããå¿ èŠãããããæ確ã«ç解ããå¿ èŠã«å¿ããŠåé¡ãçºçããå Žåã«ã©ãã«åãåãããã¹ãããæ確ã«ç解ããŸãã ãããŠããã®ãããªãããã¯ãŒã¯ã§ã®ã¿ãä»èª¬æãããããªããªãã¯ãå®è¡ã§ããŸãã
å®ã¯èšââå®ãå ã«æ»ãå¥ã®PlaybookãçšæãããŠããŸããã æäœã®ããžãã¯ã¯åãã§ã (ã¿ã¹ã¯ã®é åºãéåžžã«éèŠã§ããããšãèŠããŠããããšãéèŠã§ã)ããã§ã«ããªãé·ãèšäºãé·ãããªãããã«ããã¬ã€ããã¯ã®å®è¡ã®ãªã¹ããæçš¿ããªãããšã«ããŸããã ãã®ãããªæŒç¿ãè¡ã£ãåŸãå°æ¥çã«ã¯ã¯ããã«ç©ããã«ãªããèªä¿¡ãæãŠãããã«ãªããŸããããã«ãããã«ç©ã¿äžããæŸèæã¯ããã«æããã«ãªããŸãã
誰ã§ãç§ãã¡ã«æçŽãæžãããšãã§ããæžããããã¹ãŠã®ã³ãŒãã®ãœãŒã¹ãšãã¹ãŠã® palybook ãåãåãããšãã§ããŸãã ãããã£ãŒã«ã®é£çµ¡å ã
æèŠ
ç§ãã¡ã®æèŠã§ã¯ãèªååã§ããããã»ã¹ã¯ãŸã å ·äœåãããŠããŸããã ç§ãã¡ãééããããšããããŠè¥¿åŽã®ååãè°è«ããŠããããšã«åºã¥ããŠããããŸã§ã®ãšãã次ã®ããŒããèŠããŠããŸãã
- ããã€ã¹ã®ããããžã§ãã³ã°ã
- ããŒã¿åé;
- å ±å;
- ãã©ãã«ã·ã¥ãŒãã£ã³ã°;
- ã³ã³ãã©ã€ã¢ã³ã¹ã
èå³ãããã°ãæå®ããããããã¯ã® XNUMX ã€ã«ã€ããŠãã£ã¹ã«ãã·ã§ã³ãç¶ããããšãã§ããŸãã
èªååã«ã€ããŠãå°ãã話ããããšæããŸãã ç§ãã¡ã®ç解ã§ã¯ãããã¯æ¬¡ã®ããã«ããã¹ãã§ãã
- ã·ã¹ãã ã¯äººãªãã§ãåç¶ãã人ã«ãã£ãŠæ¹è¯ãããªããã°ãªããŸããã ã·ã¹ãã ã¯äººéã«äŸåãã¹ãã§ã¯ãããŸããã
- æäœã¯å°é家ã§ãªããã°ãªããŸããã æ¥åžžçãªã¿ã¹ã¯ãå®è¡ããã¹ãã·ã£ãªã¹ãã®ã¯ã©ã¹ã¯ãããŸããã ã«ãŒãã³å šäœãèªååããè€éãªåé¡ã ãã解決ããå°é家ãããŸãã
- æ¥åžžçãªæšæºã¿ã¹ã¯ã¯ããã¿ã³ãæŒãã ããã§èªåçã«å®è¡ããããªãœãŒã¹ãç¡é§ã«ãªãããšã¯ãããŸããã ãã®ãããªã¿ã¹ã¯ã®çµæã¯åžžã«äºæž¬å¯èœã§ãããç解å¯èœã§ãã
ãããŠããããã®ç¹ã¯æ¬¡ã®ããšã«ã€ãªããã¯ãã§ãã
- IT ã€ã³ãã©ã¹ãã©ã¯ãã£ã®éææ§ (éçšãææ°åãå®è£ ã®ãªã¹ã¯ãå°ãªãã幎éã®ããŠã³ã¿ã€ã ãå°ãªã)ã
- IT ãªãœãŒã¹ãèšç»ããæ©èœ (ãã£ãã·ãã£èšç»ã·ã¹ãã - åäžã·ã¹ãã ã§ã©ãã ãã®ãªãœãŒã¹ãæ¶è²»ãããŠããããã©ãã ãã®ãªãœãŒã¹ãå¿ èŠãã確èªã§ããŸããæçŽããããéšéãžã®èšªåã«ãã£ãŠã§ã¯ãããŸãã)ã
- ITã¹ã¿ããã®æ°ãåæžã§ããå¯èœæ§ã
èšäºã®èè
: Alexander Chelovekov (CCIE RSãCCIE SP) ããã³ Pavel Kirillovã ç§ãã¡ã¯ãIT ã€ã³ãã©ã¹ãã©ã¯ãã£ã®èªååãããŒããšãããœãªã¥ãŒã·ã§ã³ã«ã€ããŠè°è«ããææ¡ããããšã«èå³ããããŸãã
åºæïŒ habr.com