Kodi ndizovuta kupanga makina enieni (VM) mumtambo? Palibe chovuta kuposa kupanga tiyi. Koma zikafika ku bungwe lalikulu, ngakhale kuchitapo kanthu kosavuta kotereku kumatha kukhala kotalika mopweteka. Sikokwanira kupanga makina enieni; muyeneranso kupeza mwayi wogwira ntchito molingana ndi malamulo onse. Ululu wodziwika bwino kwa wopanga aliyense? Mu banki ina yaikulu, njirayi inatenga maola angapo mpaka masiku angapo. Ndipo popeza panali mazana a ntchito zofananira pamwezi, nkosavuta kulingalira kukula kwa chiwembu chowonongera anthu ntchito. Kuti tithetse izi, tidasinthiratu mtambo wachinsinsi wa banki ndikungopanga ma VM okha, komanso magwiridwe antchito.
Ntchito nambala 1. Cloud ndi intaneti
Banki idapanga mtambo wachinsinsi pogwiritsa ntchito gulu lake lamkati la IT pagawo limodzi lamaneti. Patapita nthawi, oyang'anira adayamikira ubwino wake ndipo adaganiza zowonjezera malingaliro amtambo wachinsinsi kumadera ena ndi magawo ena a banki. Izi zimafuna akatswiri ochulukirapo komanso ukatswiri wamphamvu mumtambo wachinsinsi. Chifukwa chake, gulu lathu lidapatsidwa ntchito yosinthira mtambo kukhala wamakono.
Mtsinje waukulu wa polojekitiyi unali kupangidwa kwa makina enieni mu gawo lina la chitetezo cha chidziwitso - m'dera lopanda asilikali (DMZ). Apa ndi pamene ntchito za banki zimaphatikizidwa ndi machitidwe akunja omwe ali kunja kwa mabanki.
Koma mendulo iyi inalinso ndi mbali yake. Ntchito zochokera ku DMZ zinalipo "kunja" ndipo izi zimaphatikizapo ziwopsezo zambiri zachitetezo. Choyamba, ichi ndi chiwopsezo cha kuthyolako machitidwe, kufalikira kwa malo oukira ku DMZ, ndikulowa muzomangamanga za banki. Kuti tichepetse zoopsazi, tidafuna kugwiritsa ntchito njira yowonjezera yachitetezo - yankho la magawo ang'onoang'ono.
Chitetezo cha Microsegmentation
Gawo lakale limapanga malire otetezedwa pamalire a maukonde pogwiritsa ntchito firewall. Ndi microsegmentation, VM iliyonse imatha kupatulidwa kukhala gawo laumwini, lodzipatula.
Izi zimakulitsa chitetezo chadongosolo lonse. Ngakhale owukira atathyola seva imodzi ya DMZ, zidzakhala zovuta kwambiri kwa iwo kufalitsa kuwukira pamanetiweki - adzadutsa "zitseko zokhoma" zambiri pamaneti. Chozimitsa moto cha VM iliyonse chimakhala ndi malamulo ake okhudza izo, zomwe zimatsimikizira ufulu wolowa ndikutuluka. Tidapereka magawo ang'onoang'ono pogwiritsa ntchito VMware NSX-T Distributed Firewall. Chogulitsachi chimapanga malamulo a firewall a VMs ndikuwagawa pazipangizo zamakono. Ziribe kanthu kuti ndi OS yanji yomwe imagwiritsidwa ntchito, lamuloli limagwiritsidwa ntchito pamlingo wolumikiza makina enieni ku netiweki.
Mavuto N2. Pofunafuna liwiro ndi mwayi
Kutumiza makina enieni? Mosavuta! Kudina pang'ono ndipo mwamaliza. Koma pali mafunso ambiri: momwe mungapezere mwayi kuchokera ku VM kupita ku ina kapena dongosolo? Kapena kuchokera ku dongosolo lina kubwerera ku VM?
Mwachitsanzo, mu banki, mutatha kuyitanitsa VM pamtambo wamtambo, kunali koyenera kuti mutsegule portal yothandizira luso ndikupereka pempho loti apereke mwayi wofunikira. Kulakwitsa kwa pulogalamuyo kudapangitsa kuti pakhale mafoni ndi makalata kuti akonze vutoli. Nthawi yomweyo, VM imatha kukhala ndi ma 10-15-20 ndikuwongolera chilichonse chimatenga nthawi. Njira ya Mdyerekezi.
Kuonjezera apo, "kuyeretsa" zizindikiro za moyo wa makina akutali kumafuna chisamaliro chapadera. Atachotsedwa, malamulo ambiri ofikira adatsalira paziwopsezo, ndikukweza zida. Izi ndizowonjezera zolemetsa komanso mabowo achitetezo.
Simungathe kuchita izi ndi malamulo mumtambo. Ndizovuta komanso zosatetezeka.
Kuti tichepetse nthawi yomwe imafunika kuti tipeze mwayi wopezeka ku ma VM ndikuwapangitsa kukhala osavuta kuwawongolera, tapanga njira yoyendetsera ma VM.
Wogwiritsa ntchito pamlingo wamakina pamindandanda yankhani amasankha chinthu kuti apange lamulo lofikira, ndiyeno mu mawonekedwe omwe amatsegula amatchula magawo - kuchokera komwe, komwe, mitundu ya protocol, manambala adoko. Mukadzaza ndi kutumiza fomuyo, matikiti ofunikira amapangidwa okha mu pulogalamu yothandizira ukadaulo yotengera HP Service Manager. Iwo ali ndi udindo wovomereza izi kapena izi ndipo, ngati mwayi wavomerezedwa, kwa akatswiri omwe amachita zina zomwe sizinachitike zokha.
Pambuyo pa siteji ya bizinesi yokhudzana ndi akatswiri yagwira ntchito, gawo la ntchitoyo limayamba lomwe limapanga malamulo paziwopsezo zamoto.
Monga chord chomaliza, wogwiritsa ntchito amawona pempho lomalizidwa bwino pa portal. Izi zikutanthauza kuti lamuloli lapangidwa ndipo mutha kugwira nawo ntchito - kuwona, kusintha, kufufuta.
Mapindu omaliza
Kwenikweni, tidasintha mawonekedwe ang'onoang'ono amtambo wachinsinsi, koma banki idachita bwino. Ogwiritsa ntchito tsopano amalandira mwayi wopezera maukonde kudzera pa portal, popanda kuchita mwachindunji ndi Service Desk. Magawo ovomerezeka a mawonekedwe, kutsimikizira kwawo kulondola kwa zomwe zalowetsedwa, mindandanda yokonzedweratu, deta yowonjezera - zonsezi zimathandiza kupanga pempho lolondola, lomwe ndi mwayi waukulu lidzaganiziridwa ndipo silidzakanidwa ndi ogwira ntchito zachitetezo chazidziwitso. kulowetsa zolakwika. Makina owoneka bwino salinso mabokosi akuda - mutha kupitiliza kugwira nawo ntchito posintha ma portal.
Zotsatira zake, masiku ano akatswiri a IT aku banki ali ndi chida chosavuta chopezera mwayi, ndipo ndi anthu okhawo omwe akutenga nawo gawo, popanda omwe sangachite popanda. Pazonse, pankhani ya ndalama zogwirira ntchito, uku ndikumasulidwa ku katundu watsiku ndi tsiku wa munthu mmodzi, komanso maola ambiri osungidwa kwa ogwiritsa ntchito. Makina opanga malamulo adapangitsa kuti zitheke kukhazikitsa njira yogawa magawo ang'onoang'ono omwe samapangitsa kuti ogwira ntchito ku banki akhale olemetsa.
Ndipo potsiriza, "lamulo lofikira" linakhala gawo lowerengera lamtambo. Ndiko kuti, tsopano mtambo umasunga zambiri za malamulo a ma VM onse ndikuwayeretsa pamene makina enieni achotsedwa.
Posachedwa phindu lamakono lidzafalikira kumtambo wonse wa banki. Makina opanga ma VM ndi magawo ang'onoang'ono adutsa DMZ ndikugwira zigawo zina. Ndipo izi zinaonjezera chitetezo cha mtambo wonse.
Njira yothetsera vutoli imakhalanso yosangalatsa chifukwa imalola banki kufulumizitsa njira zachitukuko, ndikubweretsa pafupi ndi chitsanzo cha makampani a IT malinga ndi ndondomekoyi. Kupatula apo, zikafika pamapulogalamu am'manja, ma portal, ndi ntchito zamakasitomala, kampani iliyonse yayikulu masiku ano imayesetsa kukhala "fakitale" yopanga zinthu zama digito. M'lingaliroli, mabanki amasewera limodzi ndi makampani amphamvu kwambiri a IT, akugwirizana ndi kupanga mapulogalamu atsopano. Ndipo ndi zabwino pamene mphamvu za IT zomangidwa pamtundu wamtambo wachinsinsi zimakulolani kugawa zofunikira pa izi mumphindi zochepa komanso motetezeka momwe mungathere.
Olemba:
Vyacheslav Medvedev, Mtsogoleri wa Cloud Computing Department, Jet Infosystems,
Ilya Kuikin, injiniya wotsogolera wa dipatimenti ya cloud computing ya Jet Infosystems
Source: www.habr.com