Pulogalamu ya ProHoster > Blog > Ulamuliro > Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

SDSM yatha, koma chikhumbo chosalamulirika cholemba chimakhalabe.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Kwa zaka zambiri, m’bale wathu ankavutika chifukwa chogwira ntchito zachizoloŵezi, kuphatikana zala zake asanagwire ntchito komanso kusowa tulo chifukwa cha kubweza usiku.
Koma nthawi zamdima zikutha.

Ndi nkhaniyi ndiyamba mndandanda wa momwe kwa ine automation ikuwoneka.
Panjira, tidzamvetsetsa magawo a automation, kusunga zosintha, kupanga mapangidwe, RestAPI, NETCONF, YANG, YDK ndipo tipanga mapulogalamu ambiri.
Kwa ine zikutanthauza kuti a) sichoonadi chenicheni, b) si njira yabwino kwambiri, c) maganizo anga, ngakhale panthawi yosuntha kuchokera ku nkhani yoyamba mpaka yotsiriza, akhoza kusintha - kukhala woona mtima, kuchokera pamasewero mpaka kufalitsa, ndinalembanso zonse kawiri konse.

Zamkatimu

  1. Zolinga
    1. Network ili ngati chamoyo chimodzi
    2. Kuyesa kosintha
    3. Kusintha
    4. Kuyang'anira ndi kudzichiritsa nokha kwa mautumiki

  2. Njira
    1. Inventory system
    2. IP space management system
    3. Netiweki yofotokozera zautumiki
    4. Makina oyambitsa chipangizo
    5. Wogulitsa-agnostic kasinthidwe chitsanzo
    6. Madalaivala okhudzana ndi ogulitsa
    7. Njira yoperekera kasinthidwe ku chipangizocho
    8. CI/CD
    9. Mechanism yosunga zosunga zobwezeretsera ndikusaka zopatuka
    10. Monitoring system

  3. Pomaliza

Ndiyesera kuchita ADSM mumtundu wosiyana pang'ono ndi SDSM. Nkhani zazikulu, zatsatanetsatane, zowerengeka zidzapitirira kuonekera, ndipo pakati pawo ndidzasindikiza zolemba zazing'ono kuchokera ku zochitika za tsiku ndi tsiku. Ndiyesetsa kulimbana ndi malingaliro angwiro pano ndipo osanyambita aliyense wa iwo.

Ndizoseketsa bwanji kuti nthawi yachiwiri muyenera kudutsa njira yomweyo.

Poyamba ndimayenera kulemba zolemba za ma network ndekha chifukwa sanali pa RuNet.

Tsopano sindinapeze chikalata chokwanira chomwe chingasinthe njira zopangira zokha ndikusanthula matekinoloje omwe ali pamwambapa pogwiritsa ntchito zitsanzo zosavuta.

Ndikhoza kukhala ndikulakwitsa, kotero chonde perekani maulalo azinthu zothandiza. Komabe, izi sizingasinthe kutsimikiza kwanga kulemba, chifukwa cholinga chachikulu ndikuphunzira chinachake ndekha, ndikupangitsa moyo kukhala wosavuta kwa ena ndi bonasi yosangalatsa yomwe imakhudza jini kuti igawane nawo zochitika.

Tiyesa kutenga malo opangira data apakati a LAN DC ndikukonza dongosolo lonse lodzipangira zokha.
Ndikhala ndikuchita zinthu zina kwa nthawi yoyamba ndi inu.

Sindidzakhala woyamba mu malingaliro ndi zida zomwe zafotokozedwa apa. Dmitry Figol ndi wabwino kwambiri njira yokhala ndi mitsinje pamutuwu.
Zolembazo zidzalumikizana nawo pazinthu zambiri.

LAN DC ili ndi ma DC 4, ma switch pafupifupi 250, ma routers theka la khumi ndi awiri ndi ma firewall angapo.
Osati Facebook, koma zokwanira kuti muganizire mozama za automation.
Komabe, pali lingaliro lakuti ngati muli ndi chipangizo choposa 1, makina odzipangira okha amafunika kale.
Ndipotu, n'zovuta kulingalira kuti aliyense angathe kukhala ndi moyo popanda paketi ya malemba a mawondo.
Ngakhale ndinamva kuti pali maofesi omwe ma adilesi a IP amasungidwa ku Excel, ndipo chilichonse mwa zikwizikwi za zida zapaintaneti zimakonzedwa pamanja ndipo zimakhala ndi makonzedwe ake apadera. Izi, ndithudi, zikhoza kuperekedwa ngati luso lamakono, koma malingaliro a injiniya adzakhumudwadi.

Zolinga

Tsopano tikhazikitsa zolinga zosamveka kwambiri:

  • Network ili ngati chamoyo chimodzi
  • Kuyesa kosintha
  • Kusintha kwa Network state
  • Kuyang'anira ndi kudzichiritsa nokha kwa mautumiki

Pambuyo pake m'nkhaniyi tiwona njira zomwe tidzagwiritse ntchito, ndipo zotsatirazi, tiwona zolinga ndi njira mwatsatanetsatane.

Network ili ngati chamoyo chimodzi

Mawu ofotokozera a mndandanda, ngakhale poyang'ana koyamba angawoneke ngati osafunikira kwambiri: tidzakonza maukonde, osati zida payekha.
M'zaka zaposachedwa, tawona kusintha pakugogomezera kuchitira netiweki ngati chinthu chimodzi, chifukwa chake Mapulogalamu Otanthauziridwa ndi Mapulogalamu, Intent Driven Networks и Autonomous Networks.
Kupatula apo, mapulogalamu amafunikira chiyani padziko lonse lapansi pamanetiweki: kulumikizana pakati pa mfundo A ndi B (chabwino, nthawi zina + B-Z) ndikudzipatula ku mapulogalamu ena ndi ogwiritsa ntchito.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Ndiye ntchito yathu mndandandawu ndi kupanga dongosolo, kusunga kasinthidwe kamakono network yonse, yomwe yawonongeka kale kukhala kasinthidwe kwenikweni pa chipangizo chilichonse malinga ndi udindo wake ndi malo ake.
dongosolo kasamalidwe ka netiweki kumatanthauza kuti kuti tisinthe timalumikizana nawo, ndipo nawonso, amawerengera zomwe akufuna pa chipangizo chilichonse ndikuchikonza.
Mwanjira imeneyi, timachepetsa mwayi wofikira pamanja ku CLI mpaka pafupifupi ziro - zosintha zilizonse pazida kapena kapangidwe kamanetiweki ziyenera kukhazikitsidwa ndikulembedwa - kenako ndikukankhidwira kuzinthu zofunikira pamaneti.

Izi ndizo, mwachitsanzo, ngati titaganiza kuti kuyambira pano zosintha za rack ku Kazan ziyenera kulengeza maukonde awiri m'malo mwa amodzi,

  1. Choyamba timalemba kusintha kwa machitidwe
  2. Kupanga chandamale kasinthidwe zipangizo zonse maukonde
  3. Timakhazikitsa pulogalamu yosinthira ma network, yomwe imawerengera zomwe ziyenera kuchotsedwa pa node iliyonse, zomwe mungawonjezere, ndikubweretsa ma node kumalo omwe mukufuna.

Panthawi imodzimodziyo, timasintha pamanja pa sitepe yoyamba.

Kuyesa kosintha

Wodziwikakuti 80% ya mavuto amachitika pakusintha kasinthidwe - umboni wosalunjika wa izi ndikuti patchuthi cha Chaka Chatsopano chilichonse chimakhala bata.
Ndawonapo nthawi zambiri zapadziko lonse lapansi chifukwa cha zolakwika za anthu: lamulo lolakwika, kasinthidwe kadachitika munthambi yolakwika, anthu ammudzi anaiwala, MPLS idagwetsedwa padziko lonse lapansi pa rauta, zida zisanu zidakhazikitsidwa, koma cholakwikacho sichinachitike. anaona pa lachisanu ndi chimodzi, zosintha zakale zopangidwa ndi munthu wina zinachitidwa . Pali matani a zochitika.

Zochita zokha zidzatilola kupanga zolakwika zochepa, koma pamlingo waukulu. Mwanjira iyi mutha njerwa osati chipangizo chimodzi chokha, koma maukonde onse nthawi imodzi.

Kuyambira nthawi zakale, agogo athu aamuna adayang'ana kulondola kwa kusintha komwe kunapangidwa ndi diso lakuthwa, mipira yachitsulo ndi ntchito ya maukonde atatulutsidwa.
Agogo aamuna omwe ntchito zawo zinapangitsa kuti pakhale nthawi yochepetsera komanso kutayika koopsa kunasiya ana ochepa ndipo ayenera kufa pakapita nthawi, koma chisinthiko ndi ndondomeko yapang'onopang'ono, choncho si onse omwe akuyesabe kusintha kwa labotale poyamba.
Komabe, patsogolo pa kupita patsogolo ndi omwe adzipangira okha njira yoyesera kasinthidwe ndikugwiritsanso ntchito pa intaneti. Mwanjira ina, ndidabwereka njira ya CI/CD (Kuphatikizika Kopitiriza, Kutumiza Kopitiriza) kuchokera kwa opanga.
Mu gawo limodzi tiwona momwe tingagwiritsire ntchito izi pogwiritsa ntchito makina owongolera, mwina Github.

Mukangozolowera lingaliro la network CI/CD, nthawi yomweyo njira yowonera masinthidwe poyiyika pamaneti opanga idzawoneka ngati kusazindikira kwakanthawi. Kukhala ngati kumenya mutu wankhondo ndi nyundo.

Kupitilira kwa organic kwa malingaliro okhudza dongosolo kasamalidwe ka netiweki ndi CI/CD imakhala kusinthika kwathunthu kwa kasinthidwe.

Kusintha

Tidzaganiza kuti ndi zosintha zilizonse, ngakhale zazing'ono kwambiri, ngakhale pa chipangizo chimodzi chosazindikirika, maukonde onse amayenda kuchokera kudera lina kupita ku lina.
Ndipo nthawi zonse sitipereka lamulo pa chipangizocho, timasintha mawonekedwe a intaneti.
Ndiye tiyeni titchule mabaibulo awa?

Tinene kuti mtundu wamakono ndi 1.0.0.
Kodi adilesi ya IP ya mawonekedwe a Loopback pa imodzi mwa ma ToR yasintha? Uwu ndi mtundu wawung'ono ndipo ukhala ndi nambala 1.0.1.
Tinakonzanso ndondomeko zotumizira maulendo ku BGP - mozama kwambiri - kale 1.1.0
Tidaganiza zochotsa IGP ndikusinthira ku BGP kokha - uku ndikosintha kale - 2.0.0.

Panthawi imodzimodziyo, ma DC osiyanasiyana akhoza kukhala ndi matembenuzidwe osiyanasiyana - maukonde akukula, zida zatsopano zikuyikidwa, miyeso yatsopano ya spines ikuwonjezeredwa kwinakwake, osati mwa ena, ndi zina zotero.

pa kumasulira kwa semantic tidzakambirana m'nkhani ina.

Ndikubwereza - kusintha kulikonse (kupatula malamulo ochotsa zolakwika) ndikosintha. Oyang'anira akuyenera kudziwitsidwa zapatuka kulikonse pamtundu wapano.

Zomwezo zimagwiranso ntchito pakubweza zosintha - izi sizikuletsa malamulo omaliza, uku sikubwezanso pogwiritsa ntchito makina opangira - izi zikubweretsa netiweki yonse ku mtundu watsopano (wakale).

Kuyang'anira ndi kudzichiritsa nokha kwa mautumiki

Ntchito yodziwonetsera iyi yafika pamlingo watsopano mu maukonde amakono.
Nthawi zambiri, opereka chithandizo chachikulu amatenga njira yomwe ntchito yolephera imayenera kukonzedwa mwachangu kwambiri ndikukweza yatsopano, m'malo mongoganizira zomwe zidachitika.
"Kwambiri" kumatanthauza kuti muyenera kuphimbidwa mowolowa manja kumbali zonse ndi kuyang'anitsitsa, zomwe m'masekondi ochepa chabe zidzazindikira zopatuka pang'ono kuchokera pachizolowezi.
Ndipo apa ma metric wamba, monga kutsitsa mawonekedwe kapena kupezeka kwa node, sizokwanira. Kuyang'anira pamanja ndi woyang'anira ntchito sikokwanira.
Kwa zinthu zambiri ziyenera kukhala Kudzichiritsa - magetsi owunikira adasanduka ofiira ndipo tidapita ndikuyika plantain tokha komwe idapweteka.

Ndipo apa sitimayang'aniranso zida zapayekha, komanso thanzi la maukonde onse, onse a whitebox, omwe amamveka bwino, ndi blackbox, yomwe ndi yovuta kwambiri.

Kodi tidzafunika chiyani kuti tikwaniritse zolinga zazikuluzikuluzi?

  • Khalani ndi mndandanda wa zida zonse pa netiweki, malo awo, maudindo, zitsanzo, mitundu ya mapulogalamu.
    kazan-leaf-1.lmu.net, Kazan, leaf, Juniper QFX 5120, R18.3.
  • Khalani ndi dongosolo lofotokozera mautumiki apaintaneti.
    IGP, BGP, L2/3VPN, Policy, ACL, NTP, SSH.
  • Kutha kuyambitsa chipangizocho.
    Hostname, Mgmt IP, Mgmt Route, Ogwiritsa, RSA-Keys, LLDP, NETCONF
  • Konzani chipangizo ndikubweretsa kasinthidwe ku mtundu womwe mukufuna (kuphatikiza wakale).
  • Mayesero kasinthidwe
  • Nthawi ndi nthawi, yang'anani momwe zida zonse zilili zopatuka kuchokera pazomwe zilipo ndikuwuza yemwe zikuyenera kukhala.
    Usiku, wina adawonjezera mwakachetechete lamulo ku ACL.
  • Yang'anirani momwe ntchito ikugwirira ntchito.

Njira

Zikumveka zovuta kuti tiyambe kuwola pulojekitiyi kukhala zigawo.

Ndipo padzakhala khumi mwa iwo:

  1. Inventory system
  2. IP space management system
  3. Netiweki yofotokozera zautumiki
  4. Makina oyambitsa chipangizo
  5. Wogulitsa-agnostic kasinthidwe chitsanzo
  6. Madalaivala okhudzana ndi ogulitsa
  7. Njira yoperekera kasinthidwe ku chipangizocho
  8. CI/CD
  9. Mechanism yosunga zosunga zobwezeretsera ndikusaka zopatuka
  10. Monitoring system

Izi, mwa njira, ndi chitsanzo cha momwe malingaliro pa zolinga za kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka kayendetsedwe kake kakusintha bwanji.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

M'fanizoli ndidawonetsa zigawo zonse ndi chipangizocho.
Zigawo zodutsana zimagwirizana.
Kukula kwa chipikacho, chidwi kwambiri chiyenera kuperekedwa ku gawoli.

Gawo 1: Inventory System

Mwachiwonekere, tikufuna kudziwa zomwe zida zili komweko, zomwe zimalumikizidwa.
Dongosolo lazinthu ndi gawo lofunikira labizinesi iliyonse.
Nthawi zambiri, bizinesi imakhala ndi njira yosungiramo zida zapaintaneti, zomwe zimathetsa zovuta zina.
Monga gawo la zolemba izi, tidzazitcha DCIM - Data Center Infrastructure Management. Ngakhale mawu akuti DCIM palokha, kunena mosapita m'mbali, akuphatikizapo zambiri.

Pazolinga zathu, tidzasunga izi zokhudzana ndi chipangizocho:

  • Nambala yazinthu
  • Mutu/Mafotokozedwe
  • Chitsanzo (Huawei CE12800, Juniper QFX5120, etc.)
  • Makhalidwe (matabwa, interfaces, etc.)
  • Udindo (Leaf, Spine, Border Router, etc.)
  • Malo (dera, mzinda, data center, rack, unit)
  • Kulumikizana pakati pa zida
  • Network topology

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Ndi zoonekeratu kuti ife tokha tikufuna kudziwa zonsezi.
Koma kodi izi zitha kuthandiza pazifukwa zodzichitira okha?
Mosakayikira.
Mwachitsanzo, tikudziwa kuti mu malo opatsidwa deta pa Leaf switches, ngati ndi Huawei, ACLs zosefera magalimoto ena ziyenera kugwiritsidwa ntchito pa VLAN, ndipo ngati ndi Juniper, ndiye pa unit 0 ya mawonekedwe a thupi.
Kapena muyenera kutulutsa seva yatsopano ya Syslog kumalire onse amderali.

M'menemo tidzasungira zipangizo zamakono, mwachitsanzo ma routers kapena zowunikira mizu. Titha kuwonjezera ma seva a DNS, NTP, Syslog ndi zonse zomwe mwanjira ina zimagwirizana ndi netiweki.

Gawo 2: IP kasamalidwe ka malo

Inde, ndipo masiku ano pali magulu a anthu omwe amatsata ma prefixes ndi ma adilesi a IP mu fayilo ya Excel. Koma njira yamakono idakali nkhokwe, yokhala ndi kutsogolo kwa nginx / apache, API ndi ntchito zambiri zojambulira ma adilesi a IP ndi maukonde ogawidwa kukhala VRFs.
IPAM - IP Address Management.

Zolinga zathu, tidzasunga izi:

  • Zithunzi za VLAN
  • Chithunzi cha VRF
  • Ma Networks/Subnet
  • IP ma adilesi
  • Kumanga maadiresi kuzipangizo, maukonde kumalo ndi manambala a VLAN

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Apanso, zikuwonekeratu kuti tikufuna kuwonetsetsa kuti tikapereka adilesi yatsopano ya IP ya ToR loopback, sitidzapunthwa chifukwa idaperekedwa kale kwa wina. Kapena kuti tidagwiritsa ntchito mawu oyamba omwewo kawiri kumapeto kwa netiweki.
Koma izi zimathandiza bwanji ndi automation?
Mosavuta.
Timapempha prefix mu dongosolo ndi udindo wa Loopbacks, womwe uli ndi ma adilesi a IP omwe akupezeka kuti agawidwe - ngati apezeka, timagawira adilesi, ngati sichoncho, tikupempha kuti pakhale chiyambi chatsopano.
Kapena popanga kasinthidwe kachipangizo, titha kudziwa kuchokera kudongosolo lomwelo momwe mawonekedwe a VRF ayenera kukhalira.
Ndipo poyambitsa seva yatsopano, script imalowa mu dongosolo, imapeza kuti seva ili mkati, ndi doko liti ndi subnet yomwe imaperekedwa ku mawonekedwe - ndikugawa adilesi ya seva kuchokera pamenepo.

Izi zikuwonetsa chikhumbo chophatikiza DCIM ndi IPAM kukhala kachitidwe kamodzi kuti asamabwereze ntchito komanso kuti asatumikire mabungwe awiri ofanana.
Ndi chimene ife tichita.

Gawo 3. Dongosolo lofotokozera mautumiki apakompyuta

Ngati machitidwe awiri oyambirira amasunga zosinthika zomwe zikufunikabe kugwiritsidwa ntchito mwanjira ina, ndiye kuti lachitatu limafotokoza za gawo lililonse la chipangizocho momwe liyenera kukhazikitsidwa.
Ndikoyenera kusiyanitsa mitundu iwiri ya mautumiki apaintaneti:

  • Zomangamanga
  • Wothandizira.

Zoyambazo zidapangidwa kuti zizipereka kulumikizana kofunikira ndikuwongolera zida. Izi zikuphatikiza VTY, SNMP, NTP, Syslog, AAA, ma protocol, CoPP, ndi zina zambiri.
Omaliza amakonza ntchito za kasitomala: MPLS L2/L3VPN, GRE, VXLAN, VLAN, L2TP, etc.
Zachidziwikire, palinso milandu yamalire - komwe mungaphatikizepo MPLS LDP, BGP? Inde, ndipo ma protocol atha kugwiritsidwa ntchito kwa makasitomala. Koma izi sizofunika.

Mitundu yonse iwiri ya mautumikiwa yasinthidwa kukhala zoyambira zoyambira:

  • mawonekedwe akuthupi ndi omveka (tag/anteg, mtu)
  • Ma adilesi a IP ndi ma VRF (IP, IPv6, VRF)
  • Ma ACL ndi ndondomeko zoyendetsera magalimoto
  • Protocols (IGP, BGP, MPLS)
  • Ndondomeko zamayendedwe (mindandanda yachiyambi, madera, zosefera za ASN).
  • Ntchito zothandizira (SSH, NTP, LLDP, Syslog...)
  • Ndi zina zotero.

Momwe tingachitire izi, sindikudziwa panobe. Tiona m'nkhani ina.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Ngati kuyandikira pang'ono ku moyo, ndiye kuti titha kufotokoza izi
Kusintha kwa Leaf kuyenera kukhala ndi magawo a BGP okhala ndi masiwichi onse olumikizidwa a Spine, kulowetsa maukonde olumikizidwa munjirayo, ndikuvomereza maukonde okha kuchokera pachimake choyambirira kuchokera ku Spine switch. Malireni CoPP IPv6 ND mpaka 10 pps, ndi zina.
Momwemonso, ma spines amakhala ndi magawo omwe ali ndi zitsogozo zonse zolumikizidwa, zomwe zimagwira ngati zowunikira mizu, ndikuvomereza kuchokera kwa iwo njira zokha zautali wina ndi gulu linalake.

Gawo 4: Chida Choyambitsa Njira

Pansi pamutuwu ndikuphatikiza zochita zambiri zomwe ziyenera kuchitika kuti chipangizo chiwonekere pa radar ndikufikira kutali.

  1. Lowetsani chipangizocho mu dongosolo lazinthu.
  2. Sankhani adilesi ya IP yoyang'anira.
  3. Konzani zoyambira zofikirako:
    Hostname, kasamalidwe adilesi ya IP, njira yopita ku netiweki yoyang'anira, ogwiritsa ntchito, makiyi a SSH, ma protocol - telnet/SSH/NETCONF

Pali njira zitatu:

  • Chirichonse ndi kwathunthu pamanja. Chipangizocho chimabweretsedwa poyimilira, pomwe munthu wamba wamba adzalowa m'makina, kulumikizana ndi console ndikuyikonza. Itha kugwira ntchito pamanetiweki ang'onoang'ono osasunthika.
  • ZTP - Zero Touch Provisioning. Zida zidafika, zidayimilira, zidalandira adilesi kudzera pa DHCP, zidapita ku seva yapadera, ndikudzikonza.
  • Zomangamanga za maseva a console, komwe kusinthidwa koyambirira kumachitika kudzera pa doko la console mumachitidwe odziwikiratu.

Tikambirana zonse zitatu m'nkhani yosiyana.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Gawo 5: Mtundu wosinthika wa Vendor-agnostic

Mpaka pano, machitidwe onse akhala amitundu yosiyanasiyana omwe amapereka zosinthika komanso kufotokozera momveka bwino zomwe tikufuna kuwona pamaneti. Koma posapita nthawi, mudzafunika kuthana ndi zinthu zina.
Panthawiyi, pa chipangizo chilichonse, zoyamba, mautumiki ndi zosinthika zimaphatikizidwa kukhala chitsanzo cha kasinthidwe chomwe chimafotokoza kukhazikitsidwa kwathunthu kwa chipangizo china, kokha mwa njira ya ogulitsa.
Kodi sitepe iyi ikuchita chiyani? Bwanji osapanga nthawi yomweyo kasinthidwe kachipangizo komwe mungangotsitsa?
M'malo mwake, izi zimathetsa mavuto atatu:

  1. Osatengera mawonekedwe enaake polumikizana ndi chipangizocho. Khalani CLI, NETCONF, RESTCONF, SNMP - chitsanzocho chidzakhala chimodzimodzi.
  2. Musasunge chiwerengero cha ma templates / malemba malinga ndi chiwerengero cha ogulitsa pa intaneti, ndipo ngati mapangidwe asintha, sinthani zomwezo m'malo angapo.
  3. Kwezani kasinthidwe kuchokera ku chipangizocho (zosunga zobwezeretsera), chiyikeni mumtundu womwewo ndikufanizira mwachindunji kasinthidwe ka chandamale ndi chomwe chilipo kuti muwerengere delta ndikukonzekera chigamba chosinthira chomwe chidzasintha magawo omwe ali ofunikira kapena kuzindikira zopatuka.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Chifukwa cha siteji iyi, timapeza kasinthidwe kopanda ogulitsa.

Gawo 6. Mawonekedwe a dalaivala omwe ali ndi ogulitsa

Simuyenera kudzisangalatsa nokha ndi chiyembekezo kuti tsiku lina kudzakhala kotheka kukonza ciska mofanana ndendende ndi Juniper, kungowatumizira mafoni omwewo. Ngakhale kuchulukirachulukira kwa ma whiteboxes komanso kupezeka kwa chithandizo cha NETCONF, RESTCONF, OpenConfig, zomwe zili ndi ma protocol awa zimasiyana ndi ogulitsa ndi ogulitsa, ndipo ichi ndi chimodzi mwazosiyana zawo zomwe sangasiye mosavuta.
Izi ndizofanana ndi OpenContrail ndi OpenStack, zomwe zili ndi RestAPI monga mawonekedwe awo a NorthBound, amayembekezera mafoni osiyanasiyana.

Kotero, mu sitepe yachisanu, chitsanzo chodziyimira pawokha chiyenera kutenga mawonekedwe omwe adzapite ku hardware.
Ndipo apa njira zonse ndi zabwino (osati): CLI, NETCONF, RESTCONF, SNMP mophweka.

Chifukwa chake, tifunika dalaivala yemwe angasamutsire zotsatira za sitepe yapitayi kukhala mtundu wofunikira wa wogulitsa wina: seti ya malamulo a CLI, mawonekedwe a XML.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Gawo 7. Njira yoperekera kasinthidwe ku chipangizocho

Tapanga masinthidwe, koma akufunikabe kuperekedwa ku zida - ndipo, mwachiwonekere, osati ndi dzanja.
Choyamba, tayang'anizana ndi funso loti tigwiritse ntchito transport yotani? Ndipo lero kusankha sikulinso kakang'ono:

  • CLI (telenet, ssh)
  • SNMP
  • NETCONF
  • Zotsatira RESTCONF
  • REST API
  • OpenFlow (ngakhale ndi yakunja chifukwa ndi njira yoperekera FIB, osati zoikamo)

Tiyeni tiwone t apa. CLI ndi cholowa. SNMP... chifuwa chifuwa.
RESTCONF ikadali nyama yosadziwika; REST API imathandizidwa ndi pafupifupi palibe. Chifukwa chake, tiyang'ana pa NECONF mndandanda.

M'malo mwake, monga momwe owerenga adamvetsetsa kale, pakadali pano tasankha kale mawonekedwe - zotsatira za gawo lapitalo zaperekedwa kale mu mawonekedwe a mawonekedwe omwe adasankhidwa.

Chachiwiri, ndipo tidzachita izi ndi zida zotani?
Palinso kusankha kwakukulu apa:

  • Zolemba zokha kapena nsanja. Tiyeni tidzikonzekeretse ndi ncclient ndi asyncIO ndikuchita zonse tokha. Kodi zimatengera chiyani kuti tipange dongosolo lotumizira anthu kuyambira pachiyambi?
  • Ansible ndi laibulale yake yolemera ya ma module ochezera.
  • Mchere ndi ntchito yake yochepa ndi maukonde ndi kulumikizana ndi Napalm.
  • Kwenikweni Napalm, yomwe imadziwa ogulitsa angapo ndipo ndizomwezo, chabwino.
  • Nornir ndi nyama ina yomwe tidzaigawa mtsogolo.

Apa wokondedwayo sanasankhidwe - tikhala tikufufuza.

Ndi chiyani chinanso chofunikira apa? Zotsatira zakugwiritsa ntchito kasinthidwe.
Wopambana kapena ayi. Kodi mukadali ndi mwayi wopeza zida kapena ayi?
Zikuwoneka kuti kudzipereka kumathandizira apa ndikutsimikizira ndi kutsimikizira zomwe zidatsitsidwa ku chipangizocho.
Izi, kuphatikiza ndi kukhazikitsa kolondola kwa NETCONF, kumachepetsa kwambiri zida zoyenera - si ambiri opanga omwe amathandizira kuchita wamba. Koma ichi ndi chimodzi mwa zinthu zofunika kwambiri RFP. Pamapeto pake, palibe amene akudandaula kuti palibe wogulitsa mmodzi wa ku Russia amene angagwirizane ndi mawonekedwe a mawonekedwe a 32 * 100GE. Kapena ali ndi nkhawa?

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Gawo 8. CI/CD

Pakadali pano, tili kale ndi kasinthidwe kokonzekera zida zonse zamaneti.
Ndimalemba "pa chilichonse" chifukwa tikulankhula zakusintha ma network. Ndipo ngakhale mungafunike kusintha masinthidwe a switch imodzi yokha, zosintha zimawerengedwa pa netiweki yonse. Mwachiwonekere, akhoza kukhala ziro pa mfundo zambiri.

Koma, monga tanena kale, sitiri amtundu wina wa anthu osalankhula omwe amafuna kugubuduza chilichonse kuti apange.
Kukonzekera kopangidwa kuyenera kudutsa Pipeline CI/CD.

CI/CD imayimira Continuous Integration, Continuous Deployment. Iyi ndi njira yomwe gulu silimangotulutsa kumasulidwa kwakukulu kwatsopano miyezi isanu ndi umodzi, kuchotseratu yakaleyo, koma nthawi zonse imagwiritsa ntchito (Deployment) ntchito zatsopano m'magawo ang'onoang'ono, omwe amayesedwa mwatsatanetsatane kuti agwirizane, chitetezo ndi ntchito (Kuphatikiza).

Kuti tichite izi, tili ndi machitidwe owongolera matembenuzidwe omwe amayang'anira kusintha kwa kasinthidwe, labotale yomwe imayang'ana ngati ntchito yamakasitomala yasweka, dongosolo loyang'anira lomwe limayang'ana izi, ndipo chomaliza ndikutulutsa zosintha pamaneti opanga.

Kupatula malamulo ochotsa zolakwika, zosintha zonse pamaneti ziyenera kudutsa paipi ya CI/CD - ichi ndi chitsimikizo chathu cha moyo wabata ndi ntchito yayitali, yosangalatsa.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Gawo 9. Kusunga zosunga zobwezeretsera ndi njira yodziwikiratu

Chabwino, palibe chifukwa choyankhula za zosunga zobwezeretsera kachiwiri.
Tidzangowawonjezera pa korona kapena pakusintha kasinthidwe mu git.

Koma gawo lachiwiri ndilosangalatsa kwambiri - wina ayenera kuyang'anitsitsa zosungirazi. Ndipo nthawi zina, wina ayenera kupita ndikutembenuza zonse momwe zinalili, ndipo mwa ena, kuwuza wina kuti chinachake chalakwika.
Mwachitsanzo, ngati wogwiritsa ntchito watsopano wawonekera yemwe sanalembetsedwe muzosintha, muyenera kumuchotsa kutali ndi kuthyolako. Ndipo ngati kuli bwino kuti musakhudze lamulo latsopano la firewall, mwinamwake wina adangotsegula zowonongeka, kapena mwinamwake utumiki watsopano, bungler, sunalembetsedwe malinga ndi malamulo, koma anthu adalowa kale.

Sitidzathawabe madontho ang'onoang'ono pamtundu wa maukonde onse, ngakhale makina odzipangira okha komanso dzanja lamphamvu la kasamalidwe. Kuti muthetse mavuto, palibe amene angawonjezere kasinthidwe kumachitidwe. Komanso, iwo sangaphatikizidwe nkomwe mu chitsanzo cha kasinthidwe.

Mwachitsanzo, lamulo la firewall powerengera kuchuluka kwa mapaketi pa IP yeniyeni kuti apeze vuto ndikusintha kwakanthawi kochepa.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Gawo 10. Njira yowunikira

Poyamba sindikanati ndifotokoze mutu wowunika - ukadali mutu wovuta, wotsutsana komanso wovuta. Koma pamene zinthu zinkapita patsogolo, zinapezeka kuti iyi inali mbali yofunika kwambiri ya makina. Ndipo sizingatheke kuzilambalala, ngakhale popanda kuchita.

Evolving Thought ndi gawo lachilengedwe la CI/CD process. Pambuyo potulutsa kasinthidwe ku netiweki, tiyenera kudziwa ngati zonse zili bwino ndi izi.
Ndipo sitikulankhula kokha komanso osati zambiri za ndandanda yogwiritsira ntchito mawonekedwe kapena kupezeka kwa mfundo, koma za zinthu zobisika - kukhalapo kwa njira zofunika, zikhumbo pa iwo, kuchuluka kwa magawo a BGP, oyandikana nawo OSPF, Mapeto-to-Mapeto ntchito. za ntchito zowonjezera.
Kodi ma syslogs ku seva yakunja adasiya kuwonjezera, kapena wothandizira SFlow adasweka, kapena madontho a mizere adayamba kukula, kapena kulumikizana pakati pa ma prefixes ena kudasokonekera?

Tidzalingalira zimenezi m’nkhani ina.

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Automation kwa ana aang'ono. Gawo zero. Kukonzekera

Pomaliza

Monga maziko, ndidasankha imodzi mwamapangidwe amakono apakompyuta - L3 Clos Fabric yokhala ndi BGP ngati njira yolowera.
Nthawi ino tidzamanga maukonde pa Juniper, chifukwa tsopano mawonekedwe a JunOs ndi vanlove.

Tiyeni tipangitse moyo wathu kukhala wovuta kwambiri pogwiritsa ntchito zida za Open Source zokha komanso maukonde ogulitsa ambiri - kotero kuwonjezera pa Juniper, ndisankha munthu winanso wamwayi panjira.

Dongosolo la zofalitsa zomwe zikubwera ndi motere:
Choyamba ndilankhula za ma network enieni. Choyamba, chifukwa ndikufuna, ndipo kachiwiri, chifukwa popanda izi, mapangidwe a maukonde a zomangamanga sadzakhala omveka bwino.
Kenako za kapangidwe ka netiweki yokha: topology, mayendedwe, mfundo.
Tiyeni tisonkhanitse choyimira cha labotale.
Tiyeni tiganizirepo ndipo mwina tiyesetse kuyambitsa chipangizocho pa intaneti.
Ndiyeno za chigawo chilichonse mwatsatanetsatane.

Ndipo inde, sindikulonjeza kuti ndithetsa mwaulemu kuzunguliraku ndi yankho lomwe lakonzedwa kale. 🙂

maulalo othandiza

  • Musanayambe kufufuza mndandanda, ndi bwino kuwerenga buku la Natasha Samoilenko Python for Network Engineers. Ndipo mwina kupita Inde.
  • Zidzakhalanso zothandiza kuwerenga RFC za kapangidwe ka mafakitale a data Center kuchokera ku Facebook ndi Peter Lapukhov.
  • Zolemba zamamangidwe zimakupatsani lingaliro la momwe Overlay SDN imagwirira ntchito. Nsalu ya Tungsten (omwe kale anali Open Contrail).
Zikomo

Roman Gorge. Kwa ndemanga ndi zosintha.
Artyom Chernobay. Za KDPV.

Source: www.habr.com

Kuwonjezera ndemanga