ProHoster > Blog > Utongi > Automation kune vadiki. Chikamu zero. Planning

Automation kune vadiki. Chikamu zero. Planning

SDSM yapera, asi chido chisingadzoreki chekunyora chinoramba chiripo.

Automation kune vadiki. Chikamu zero. Planning

Kwemakore akawanda, hama yedu yaitambura nekuita basa remazuva ose, kupesanisa zvigunwe zvayo isati yaita uye kushaya hope nemhaka yekuchinja kweusiku.
Asi nguva dzerima dziri kupera.

Nechinyorwa ichi ndichatanga nhevedzano yekuti sei kwandiri otomatiki inooneka.
Tiri munzira, isu tichanzwisisa nhanho dze otomatiki, kuchengetedza zvinoshanduka, dhizaini dhizaini, RestAPI, NETCONF, YANG, YDK uye tichaita yakawanda hurongwa.
Kwandiri zvinoreva kuti a) hachisi chokwadi chine chinangwa, b) haisi iyo nzira yakanakisa, c) maonero angu, kunyangwe panguva yekufamba kubva kune yekutanga kusvika kune yekupedzisira chinyorwa, anogona kuchinja - kuve akatendeseka, kubva padanho rekunyora kuenda kudhindwa, ndakanyorazve zvese zvakazara kaviri.

Zviri mukati

  1. Zvinangwa
    1. Mambure akaita sechisikwa chimwe chete
    2. Configuration test
    3. Versioning
    4. Kuongorora uye kuzviporesa kwemabasa

  2. Mari
    1. Inventory system
    2. IP space management system
    3. Network sevhisi tsananguro system
    4. Chigadzirwa chekutanga nzira
    5. Vendor-agnostic configuration model
    6. Vendor-specific driver interface
    7. Mechanism yekuendesa zvigadziriso kune mudziyo
    8. CI / CD
    9. Mechanism yekuchengetedza uye kutsvaga kutsauka
    10. Monitoring system

  3. mhedziso

Ini ndichaedza kuitisa ADSM mufomati yakati siyanei neSDSM. Zvinyorwa zvakakura, zvakatsanangurwa, zvine nhamba zvicharamba zvichionekwa, uye pakati pavo ndichabudisa zvinyorwa zviduku kubva pane zvakaitika zuva nezuva. Ini ndichaedza kurwisa kukanganisa pano uye kwete kunanzva imwe neimwe yadzo.

Zvinosekesa sei kuti kechipiri unofanira kufamba nenzira imwe chete.

Pakutanga ndaifanira kunyora zvinyorwa nezve network pachangu nekuda kwekuti ivo vaive vasiri paRuNet.

Zvino ini handina kuwana gwaro rakazara raizogadzirisa nzira dzekuita otomatiki uye kuongorora matekinoroji ari pamusoro ndichishandisa mienzaniso yakapusa inoshanda.

Ndinogona kunge ndisina kururama, saka ndapota ipai zvinongedzo kune zvinobatsira zviwanikwa. Zvisinei, izvi hazvizoshandure kutsunga kwangu kunyora, nokuti chinangwa chikuru ndechekudzidza chimwe chinhu pachangu, uye kuita kuti hupenyu huve nyore kune vamwe ibhonasi inofadza iyo inobata geni rekugovana ruzivo.

Isu tichaedza kutora yepakati-saizi LAN DC data centre uye tishande iyo yese otomatiki chirongwa.
Ndichange ndichiita zvimwe zvinhu kanenge kekutanga newe.

Ini handizove wepakutanga mune mazano uye zvishandiso zvinotsanangurwa pano. Dmitry Figol ane zvakanakisa chiteshi chine hova pamusoro penyaya iyi.
Zvinyorwa zvichapindirana navo mune zvakawanda.

Iyo LAN DC ine 4 DCs, anenge mazana maviri nemakumi mashanu ekuchinja, hafu yegumi nemaviri marouters uye akati wandei emoto.
Kwete Facebook, asi zvakakwana kuti iwe ufunge zvakadzama nezve otomatiki.
Pane, zvisinei, maonero ekuti kana uine anopfuura 1 mudziyo, otomatiki inotodiwa.
Muchokwadi, zvakaoma kufungidzira kuti chero munhu iye zvino anogona kurarama asina kanenge paki yemabvi manyoro.
Kunyange zvazvo ndakanzwa kuti kune mahofisi uko IP kero inochengetwa muExcel, uye imwe neimwe yezviuru zvemadhizha etiweki inogadziriswa nemaoko uye ine maitiro ayo akasiyana. Izvi, hongu, zvinogona kupfuudzwa seunyanzvi hwemazuva ano, asi manzwiro einjiniya achagumburwa.

Zvinangwa

Iye zvino tichaisa zvibodzwa zvakanyanyisa:

  • Mambure akaita sechisikwa chimwe chete
  • Configuration test
  • Network state shanduro
  • Kuongorora uye kuzviporesa kwemabasa

Gare gare munyaya ino tichatarisa nzira dzatichashandisa, uye mune zvinotevera, tichatarisa zvinangwa uye nzira zvakadzama.

Mambure akaita sechisikwa chimwe chete

Mutsara unotsanangura weiyo nhevedzano, kunyangwe pakutanga kutarisa ingaite isingaite yakakosha: isu tichagadzirisa network, kwete maturusi ega.
Mumakore achangopfuura, takaona shanduko mukusimbisa kubata network sechinhu chimwe chete, saka iyo Yakatsanangurwa Networking Software, Intent Driven Networks ΠΈ Autonomous Networks.
Mushure mezvose, zvikumbiro zvinodei pasi rose kubva kunetiweki: kubatana pakati pemapoinzi A uye B (zvakanaka, dzimwe nguva +B-Z) uye kuzviparadzanisa nevamwe kubva kune mamwe maapplication uye vashandisi.

Automation kune vadiki. Chikamu zero. Planning

Uye saka basa redu mune ino nhevedzano ndere kuvaka hurongwa, kuchengetedza chimiro chazvino network yese, iyo yatove yakaora kuita iyo chaiyo yekumisikidza pane imwe neimwe mudziyo zvinoenderana nebasa rayo nenzvimbo.
maitiro network manejimendi inoreva kuti kuita shanduko tinoibata, uye iyo, zvakare, inoverengera inodiwa mamiriro ega ega mudziyo uye nekuigadzirisa.
Nenzira iyi, isu tinodzikisira kupinda kwemaoko kuCLI kusvika ku zero - chero shanduko mumagadzirirwo emudziyo kana dhizaini yetiweki inofanirwa kuve yakarongeka uye kunyorwa - uye chete yozoendeswa kune inodiwa network zvinhu.

Ndokunge, semuenzaniso, kana isu takasarudza kuti kubva zvino zvichienda mberi rack switch muKazan inofanirwa kuzivisa maviri network pane imwe, isu

  1. Chekutanga tinonyora shanduko mumasystem
  2. Kugadzira iyo inotarirwa gadziriso yeese network zvishandiso
  3. Isu tinotangisa iyo network configuration update chirongwa, iyo inoverenga izvo zvinoda kubviswa pane imwe neimwe node, chii chekuwedzera, uye inounza node kune inodiwa mamiriro.

Panguva imwecheteyo, tinoita shanduko nemaoko chete padanho rekutanga.

Configuration test

Iyo inozivikanwakuti 80% yematambudziko anoitika panguva yekuchinja shanduko - humbowo husina kunanga hweizvi ndehwekuti panguva yezororo reGore Idzva zvinhu zvese zvinowanzodzikama.
Ini pachangu ndakazvionera makumi epasi pasi rose nekuda kwekukanganisa kwevanhu: murairo usiriwo, gadziriso yakaitwa mubazi risiri iro, nharaunda yakakanganwa, MPLS yakaputswa pasi rose pa router, zvidimbu zvishanu zvehardware zvakagadziriswa, asi chikanganiso hachina. akacherekedza pachitanhatu, chinjo dzekare dzakaitwa nomumwe munhu dzakaitwa . Kune toni yezviitiko.

Automation ichatibvumira kuita zvikanganiso zvishoma, asi pamwero mukuru. Nenzira iyi iwe unogona zvidhinha kwete mudziyo mumwe chete, asi network yese kamwechete.

Kubva panguva yekare, vanasekuru vedu vakatarisa kururamisa kwekuchinja kwakaitwa neziso rakanaka, mabhora esimbi uye kushanda kwetiweki mushure mokunge vabudiswa.
Avo sekuru vane basa rakakonzera kuderera uye kurasikirwa kwenjodzi kwakasiya vana vashoma uye vanofanirwa kufa nekufamba kwenguva, asi kushanduka-shanduka inzira inononoka, uye saka havasi vese vachiri kuyedza shanduko murabhoritari kutanga.
Nekudaro, kumberi kwekufambira mberi kune avo vakazviitira otomatiki maitiro ekuyedza iyo gadziriso uye nekumwe kushanda kwayo kune network. Mune mamwe mazwi, ndakakwereta iyo CI/CD maitiro (Kuenderera mberi Kubatanidzwa, Kuenderera mberi Kuendeswa) kubva kuvagadziri.
Mune chimwe chezvikamu isu tichatarisa maitiro ekuita izvi uchishandisa shanduro yekudzora system, pamwe Github.

Paunenge uchinge wajaira iyo pfungwa yenetwork CI / CD, nehusiku nzira yekutarisa gadziriso nekuishandisa kune network yekugadzira inoita sekunge kusaziva kwekare. Kuda kurova warhead nesando.

An organic kuenderera mberi kwemazano nezve system manejimendi manejimendi uye CI/CD inova yakazara shanduro yekumisikidzwa.

Versioning

Isu tichafungidzira kuti nechero shanduko, kunyangwe idiki, kunyangwe pane imwe isingaonekwe mudziyo, network yese inofamba kubva kune imwe nyika kuenda kune imwe.
Uye isu nguva dzose hatiite murairo pane mudziyo, isu tinoshandura mamiriro etiweki.
Saka ngatidaidze idzi nyika shanduro?

Ngatitii shanduro yemazuva ano ndeye 1.0.0.
Iyo IP kero yeLoopback interface pane imwe yeToRs yachinja here? Iyi ishanduro diki uye ichaverengerwa 1.0.1.
Isu takagadziridza marongero enzira dzekuunza kunze muBGP - zvishoma zvakanyanya - yatova 1.1.0
Takasarudza kubvisa IGP uye shandura kuBGP chete - iyi yatova shanduko yekugadzira - 2.0.0.

Panguva imwecheteyo, maDC akasiyana-siyana anogona kunge ane shanduro dzakasiyana - network iri kukura, michina mitsva iri kuiswa, mazinga matsva emusana ari kuwedzerwa kune imwe nzvimbo, kwete mune vamwe, nezvimwewo.

pamusoro semantic shanduro tichataura mune imwe nyaya.

Ndinodzokorora - chero shanduko (kunze kwemirairo yekubvisa) ishanduro yekuvandudza. Vatungamiri vanofanirwa kuziviswa nezve chero kutsauka kubva kune yazvino vhezheni.

Izvo zvinoshandawo pakudzosera kumashure shanduko - uku hakusi kukanzura mirairo yekupedzisira, uku hakusi kudzoreredza uchishandisa sisitimu yekushandisa - izvi zviri kuunza network yese kune itsva (yekare) vhezheni.

Kuongorora uye kuzviporesa kwemabasa

Iri basa rekuzviratidzira rasvika padanho idzva mumambure emazuva ano.
Kazhinji, vapeji vebasa vakakura vanotora nzira yekuti sevhisi yakakundikana inoda kugadziriswa nekukurumidza uye nyowani yakasimudzwa, pane kufunga kuti chii chakaitika.
"Zvakanyanya" zvinoreva kuti iwe unofanirwa kuve wakaputirwa nerupo pamativi ese nekutarisa, izvo mukati memasekonzi zvinozoona kutsauka kudiki kubva pane zvakajairwa.
Uye pano mametrics akajairwa, senge interface kurodha kana kuwanikwa kwenode, haasisina kukwana. Kuvatarisa nemaoko nemukuru webasa hakuna kukwanawo.
Pazvinhu zvakawanda zvinofanira kuvapo Kuzviporesa β€” mamonitoring lights akatsvuka tikaenda tikanozora plantain payairwadza.

Uye pano isu tinongotarisa kwete chete zvishandiso zvega, asiwo hutano hwese network, ese machena mabhokisi, ayo anonzwisisika, uye bhokisi dema, iro rinonyanya kuomarara.

Tichadei kuti tiite zvirongwa zvakadaro zvine mukurumbira?

  • Iva nerondedzero yezvishandiso zvese panetiweki, kwazvinogara, mabasa, mhando, software shanduro.
    kazan-leaf-1.lmu.net, Kazan, shizha, Juniper QFX 5120, R18.3.
  • Iva nehurongwa hwekutsanangura network masevhisi.
    IGP, BGP, L2/3VPN, Policy, ACL, NTP, SSH.
  • Kugona kutanga mudziyo.
    Zita rekutambira, Mgmt IP, Mgmt Route, Vashandisi, RSA-Keys, LLDP, NETCONF
  • Gadzirisa mudziyo uye uuye negadziriso kune yaunoda (kusanganisira yekare) vhezheni.
  • Test configuration
  • Nguva nenguva tarisa mamiriro ezvishandiso zvese zvekutsauka kubva kune zvazvino uye taura kunaani wazvinofanirwa kuve.
    Husiku humwe, mumwe munhu akawedzera mutemo kune ACL.
  • Monitor performance.

Mari

Zvinonzwika zvakaoma kuti utange kukanganisa purojekiti muzvikamu.

Uye vachava gumi vavo.

  1. Inventory system
  2. IP space management system
  3. Network sevhisi tsananguro system
  4. Chigadzirwa chekutanga nzira
  5. Vendor-agnostic configuration model
  6. Vendor-specific driver interface
  7. Mechanism yekuendesa zvigadziriso kune mudziyo
  8. CI / CD
  9. Mechanism yekuchengetedza uye kutsvaga kutsauka
  10. Monitoring system

Izvi, nenzira, muenzaniso wekuti maonero pamusoro pezvinangwa zvekutenderera akachinja sei - paiva nezvikamu zvina muchirongwa.

Automation kune vadiki. Chikamu zero. Planning

Mumufananidzo ndakaratidzira zvese zvikamu uye mudziyo pachawo.
Zvikamu zvinopindirana zvinopindirana.
Iyo yakakura block, iyo yakanyanya kutarisisa inoda kubhadharwa kune ichi chikamu.

Chikamu 1: Inventory System

Zviripachena, isu tinoda kuziva kuti ndeipi michina iripo, chii chakabatana nacho.
Iyo inventory system chikamu chakakosha chechero bhizinesi.
Kazhinji kacho, bhizinesi rine yakaparadzana yekuisa sisitimu yetiweki zvishandiso, izvo zvinogadzirisa zvakanyanya mamwe matambudziko.
Sechikamu cheiyi nhevedzano yezvinyorwa, tichazvidaidza kuti DCIM - Data Center Infrastructure Management. Kunyangwe izwi rekuti DCIM pacharo, kunyatsotaura, rinosanganisira zvakawanda.

Nezvinangwa zvedu, isu tichachengeta inotevera ruzivo nezve mudziyo uri mairi:

  • Inventory nhamba
  • Musoro/ Tsanangudzo
  • Model (Huawei CE12800, Juniper QFX5120, nezvimwe.)
  • Characteristic parameters (mapuranga, interfaces, nezvimwe.)
  • Basa (Leaf, Spine, Border Router, nezvimwe.)
  • Nzvimbo (dunhu, guta, nzvimbo yedata, rack, unit)
  • Kubatana pakati pemidziyo
  • Network topology

Automation kune vadiki. Chikamu zero. Planning

Zvakanyatsojeka kuti isu pachedu tinoda kuziva zvose izvi.
Asi izvi zvichabatsira kune otomatiki zvinangwa here?
Hapana mubvunzo.
Semuenzaniso, tinoziva kuti mune yakapihwa data centre paLeaf switch, kana iri Huawei, ACLs yekusefa imwe traffic inofanirwa kuiswa paVLAN, uye kana iri Juniper, ipapo pane unit 0 yechimiro chemuviri.
Kana kuti unofanirwa kuburitsa sevha itsva yeSyslog kumiganhu yese mudunhu.

Mariri isu tichachengeta virtual network zvishandiso, semuenzaniso chaiwo ma routers kana midzi reflectors. Isu tinogona kuwedzera DNS maseva, NTP, Syslog uye mune zvese zvese izvo neimwe nzira kana imwe zvine chekuita netiweki.

Chikamu 2: IP space management system

Hongu, uye mazuva ano kune zvikwata zvevanhu vanochengeta prefixes uye IP kero muExcel faira. Asi nzira yemazuva ano ichiri dhatabhesi, ine kumberi-kumagumo panginx/apache, API uye yakakura mabasa ekurekodha IP kero uye network yakakamurwa kuita VRFs.
IPAM - IP Kero Management.

Nezvinangwa zvedu, isu tichachengeta inotevera ruzivo mairi:

  • VLANs
  • VRF
  • Networks / Subnets
  • IP kero
  • Kusunga kero kumidziyo, network kune nzvimbo uye VLAN nhamba

Automation kune vadiki. Chikamu zero. Planning

Zvekare, zviri pachena kuti isu tinoda kuve nechokwadi chekuti kana isu tagovera kero itsva yeIP yeToR loopback, isu hatizogumburwe pamusoro pekuti yakatopihwa mumwe munhu. Kana kuti isu takashandisa prefix imwechete kaviri pamagumo akasiyana etiweki.
Asi izvi zvinobatsira sei ne automation?
Nyore.
Isu tinokumbira prefix muhurongwa ine basa reLoopbacks, iro rine IP kero iripo yekugoverwa - kana yawanikwa, tinogovera kero, kana zvisiri, tinokumbira kusikwa kwechivakashure chitsva.
Kana pakugadzira dhizaini yekumisikidza, isu tinogona kuziva kubva kune imwecheteyo sisitimu umo VRF iyo interface inofanira kuwanikwa.
Uye kana uchitanga sevha nyowani, iyo script inopinda muhurongwa, inoona kuti ndeipi switch iyo sevha iri mukati, iyo chiteshi uye ndeipi subnet inopihwa kune interface - uye ichagovera sevha kero kubva mairi.

Izvi zvinopa chishuwo chekubatanidza DCIM neIPAM kuita imwe sisitimu kuitira kuti isadzokorore mabasa uye kusashandira masangano maviri akafanana.
Ndizvo zvatichaita.

Chikamu 3. Sisitimu yekutsanangura network masevhisi

Kana maviri ekutanga masisitimu akachengeta zvinosiyana zvichiri kuda kushandiswa neimwe nzira, ipapo yechitatu inotsanangura kune yega yega mudziyo basa magadzirirwo ayo.
Zvakakodzera kusiyanisa marudzi maviri akasiyana emasevhisi etiweki:

  • Infrastructure
  • Client.

Iwo ekutanga akagadzirirwa kupa basic yekubatanidza uye kudzora mudziyo. Izvi zvinosanganisira VTY, SNMP, NTP, Syslog, AAA, routing protocol, CoPP, nezvimwe.
Iyo yekupedzisira inoronga sevhisi yemutengi: MPLS L2/L3VPN, GRE, VXLAN, VLAN, L2TP, nezvimwe.
Ehezve, kune zvakare mabhesi emuganho - kupi kunosanganisira MPLS LDP, BGP? Ehe, uye maprotocol ekufambisa anogona kushandiswa kune vatengi. Asi izvi hazvina kukosha.

Masevhisi ese ari maviri emhando dzesevhisi akaodzwa kuita primitives yekumisikidza:

  • zvemuviri uye zvine musoro zvinosangana (tag/anteg, mtu)
  • IP kero uye VRFs (IP, IPv6, VRF)
  • ACLs uye mitemo yekugadzirisa traffic
  • Protocols (IGP, BGP, MPLS)
  • Mitemo yenzira (prefix list, nharaunda, mafirita eASN).
  • Utility masevhisi (SSH, NTP, LLDP, Syslog...)
  • Etc.

Kuti tichaita sei chaizvo izvi, ini handisati ndaziva. Tichazvitarisa mune imwe nyaya.

Automation kune vadiki. Chikamu zero. Planning

Kana zvishoma pedyo nehupenyu, saka tinogona kutsanangura izvozvo
Iyo Leaf switch inofanirwa kunge iine BGP masesheni ane ese akabatana Spine switch, pinza ma network akabatana mukuita, uye kugamuchira network chete kubva kune imwe prefix kubva kuSpine switch. Misa CoPP IPv6 ND kusvika gumi pps, nezvimwe.
Nekudaro, ma spines anobata masesheni ane ese akabatana anotungamira, achishanda semidzi anoratidza, uye anogashira kubva kwavari nzira dzehurefu hwakati uye neimwe nharaunda.

Chikamu 4: Chigadzirwa Kutanga Mechanism

Pasi pemusoro uyu ndinosanganisa akawanda ezviito zvinofanirwa kuitika kuitira kuti mudziyo uoneke pa radar uye usvike kure.

  1. Pinda mudziyo muhurongwa hwezvinhu.
  2. Sarudza kero ye IP kero.
  3. Gadzirisa kuwana kwayo:
    Zita rekutambira, manejimendi IP kero, nzira inoenda kune manejimendi network, vashandisi, SSH makiyi, mapuroteni - telnet/SSH/NETCONF

Pane nzira nhatu:

  • Zvese zviri manyorero. Chishandiso chinounzwa pachigadziko, apo munhuwo zvake organic anopinda machiri mumasisitimu, batanidza kune koni uye gadzirisa. Inogona kushanda pane diki static network.
  • ZTP - Zero Kubata Kugovera. Iyo hardware yakasvika, yakasimuka, yakagamuchira kero kuburikidza neDHCP, yakaenda kune yakakosha server, uye yakazvigadzirisa.
  • Zvivako zvemaseva econsole, uko yekutanga kumisikidzwa kunoitika kuburikidza neiyo console port mune otomatiki modhi.

Tichataura nezvese matatu mune imwe chinyorwa chakasiyana.

Automation kune vadiki. Chikamu zero. Planning

Chikamu 5: Vendor-agnostic configuration model

Kusvika parizvino, masisitimu ese anga akasiyana zvigamba zvinopa zvinoshanduka uye tsananguro inozivisa yezvatinoda kuona pane network. Asi nokukurumidza kana kuti gare gare, uchafanira kutarisana nezvakananga.
Panguva ino, kune yega yega mudziyo, primitives, masevhisi uye zvinosiyana zvinosanganiswa kuita yekumisikidza modhi inotsanangura kurongeka kwakazara kwechigadzirwa chakati, chete nenzira isina kwayakarerekera kune mutengesi.
Danho iri rinoitei? Wadii kukasika kugadzira chigadziriso chemudziyo chaunogona kungoisa?
Muchokwadi, izvi zvinogadzirisa matambudziko matatu:

  1. Usachinjire kune chaiyo interface yekudyidzana nemudziyo. Ive iyo CLI, NETCONF, RESTCONF, SNMP - iyo modhi ichave yakafanana.
  2. Usachengeta nhamba yematemplate / zvinyorwa maererano nehuwandu hwevatengesi pane network, uye kana dhizaini ichichinja, shandura chinhu chimwe chete munzvimbo dzinoverengeka.
  3. Rodha zvigadziriso kubva pachigadzirwa (backup), uise mumuenzaniso wakafanana uye uenzanise zvakananga chinangwa chekugadzirisa neicho chiripo kuti uverenge delta uye kugadzirira chigamba chekugadzirisa chinoshandura chete zvikamu izvo zvakakosha kana kuziva zvakatsauka.

Automation kune vadiki. Chikamu zero. Planning

Nekuda kwechinhanho ichi, tinowana gadziriso-yakazvimiririra yezvigadziriso.

Chikamu 6. Mutengesi-chaiyo mutyairi interface

Iwe haufanirwe kuzvibata kumeso uine tariro yekuti rimwe zuva zvinogoneka kugadzirisa ciska nenzira chaiyo seJuniper, nekungotumira iwo chaiwo mafoni kwavari. Zvisinei nekukura kuri kuita mukurumbira wemabhokisi machena uye kubuda kwerutsigiro rweNETCONF, RESTCONF, OpenConfig, iwo chaiwo emukati anounzwa nemaprotocol aya anosiyana kubva kune mutengesi kune mutengesi, uye uyu ndiwo mumwe wemisiyano yavo yemakwikwi zvekuti havazoregedze nyore.
Izvi zvakangofanana neOpenContrail uye OpenStack, iyo ine RestAPI seyavo NorthBound interface, tarisira kufona kwakasiyana zvachose.

Saka, munhanho yechishanu, mutengesi-akasununguka muenzaniso anofanira kutora fomu iyo ichaenda kune hardware.
Uye pano nzira dzese dzakanaka (kwete): CLI, NETCONF, RESTCONF, SNMP zviri nyore.

Naizvozvo, isu tichada mutyairi anozoendesa mhedzisiro yenhanho yapfuura mune inodiwa fomati yeakananga mutengesi: seti yemirairo yeCLI, chimiro cheXML.

Automation kune vadiki. Chikamu zero. Planning

Chikamu 7. Mechanism yekuendesa gadziriro kune mudziyo

Isu takagadzira iyo gadziriso, asi ichiri kuda kuendeswa kumidziyo - uye, zviri pachena, kwete neruoko.
Kutanga, takatarisana nemubvunzo wekuti tichashandisei transport? Uye nhasi sarudzo haisisiri diki:

  • CLI (telnet, ssh)
  • SNMP
  • NECONF
  • RESTCONF
  • VAMWE API
  • OpenFlow (kunyangwe iri kunze nekuti inzira yekuendesa FIB, kwete marongero)

Ngatitorei t iri pano. CLI inhaka. SNMP... kukosora kukosora.
RESTCONF ichiri mhuka isingazivikanwe; iyo REST API inotsigirwa nechero munhu. Naizvozvo, isu tichatarisa paNETCONF munhevedzano.

Muchokwadi, sekunzwisisa kwaakaita muverengi, panguva ino isu takatosarudza pane iyo interface - mhedzisiro yenhanho yapfuura yakatoratidzwa muchimiro cheiyo interface yakasarudzwa.

Chechipiri, uye maturusi api atichaita izvi?
Pane zvakare sarudzo huru pano:

  • Kuzvinyora script kana chikuva. Ngatizvishongedzei nencclient uye asyncIO uye tiite zvese isu pachedu. Zvinotidyira chii kugadzira deployment system kubva pakutanga?
  • Zvinogoneka neraibhurari yayo yakapfuma yenetworking modules.
  • Munyu nebasa rayo shoma netiweki uye kubatana neNapalm.
  • Chaizvoizvo Napalm, iyo inoziva vakati wandei vatengesi uye ndizvozvo, zvakanaka.
  • Nornir imwe mhuka yatichatsemura mune ramangwana.

Pano mudiwa hausati wasarudzwa - tichave tichitsvaga.

Chii chimwe chakakosha pano? Zvikonzero zvekushandisa iyo configuration.
Kubudirira kana kusabudirira. Kuchiri kuwana kune Hardware kana kwete?
Zvinoita sekuti kuzvipira kuchabatsira pano nekusimbisa uye kusimbiswa kwezvakatorwa kumudziyo.
Izvi, zvakasanganiswa nekuita kwakaringana kweNETCONF, inoderedza zvakanyanya huwandu hwemidziyo yakakodzera - havasi vazhinji vanogadzira vanotsigira zvakajairwa kuita. Asi ichi chingori chimwe chezvinodikanwa mukati RFP. Pakupedzisira, hapana anonetsekana kuti hapana mutengesi weRussia mumwe chete achaenderana ne32 * 100GE interface mamiriro. Kana kuti ari kunetseka here?

Automation kune vadiki. Chikamu zero. Planning

Chikamu 8. CI/CD

Panguva ino, isu tatova negadziriso yakagadzirira kune ese maturusi madivayiri.
Ini ndinonyora "zvese" nekuti tiri kutaura nezve kushandura iyo network network. Uye kunyangwe kana iwe uchida kushandura marongero eimwe chete switch, shanduko dzinoverengerwa kunetiweki yese. Zviripachena, vanogona kuve zero kune akawanda node.

Asi, sezvakambotaurwa pamusoro, isu hatisi mamwe marudzi evatorwa vanoda kutenderedza zvese mukugadzira.
Iyo yakagadzirwa inogadziriswa inofanira kutanga yaenda kuburikidza nePipeline CI/CD.

CI/CD inomirira kuti Continuous Integration, Continuous Deployment. Iyi inzira iyo timu haingobudise kuburitswa kukuru kutsva mushure memwedzi mitanhatu yega yega, kutsiva yakare, asi inogara ichiwedzera (Deployment) mashandiro matsva muzvikamu zvidiki, chimwe nechimwe chazvo chinoedzwa zvizere kuenderana, chengetedzo uye. kuita (Kubatanidzwa).

Kuti tiite izvi, isu tine vhezheni yekudzora sisitimu inotarisisa shanduko yekuchinja, rabhoritari inotarisa kana sevhisi yemutengi yakaputsika, hurongwa hwekutarisa hunoongorora chokwadi ichi, uye danho rekupedzisira riri kuburitsa shanduko kune network yekugadzira.

Kunze kwemirairo yedebugging, zvachose shanduko dzese panetiweki dzinofanira kuenda kuburikidza neCI/CD Pipeline - iyi ndiyo vimbiso yedu yehupenyu hwakanyarara uye basa refu, rinofara.

Automation kune vadiki. Chikamu zero. Planning

Chikamu 9. Backup uye anomaly yekuongorora system

Zvakanaka, hapana chikonzero chekutaura nezve backups zvakare.
Isu tichangovaisa mugit zvinoenderana nekorona kana pamusoro peiyo shanduko yekuchinja.

Asi chikamu chechipiri chinonyanya kufadza - mumwe munhu anofanira kuramba akatarira aya mabhakiti. Uye mune dzimwe nguva, uyu munhu anofanira kuenda uye kushandura zvese sezvazvaive, uye mune vamwe, meow kune mumwe munhu kuti chimwe chinhu chakashata.
Semuenzaniso, kana mushandisi mutsva akaonekwa asina kunyoreswa mune zvinoshanduka, unofanirwa kumubvisa kure nekubira. Uye kana zviri nani kuti usabata mutemo mutsva wefirewall, zvichida mumwe munhu akangoshandura debugging, kana kuti zvichida sevhisi itsva, bungler, yakanga isina kunyoreswa maererano nemitemo, asi vanhu vakatopinda.

Isu hatisi kuzopukunyuka imwe diki delta pachiyero chetiweki yese, kunyangwe chero otomatiki masisitimu uye ruoko rune simbi rwekutonga. Kugadzirisa matambudziko, hapana anozowedzera zvigadziriso kune masisitimu zvakadaro. Uyezve, ivo vangave vasina kana kuverengerwa mune yekumisikidza modhi.

Semuenzaniso, mutemo wefirewall wekuverenga huwandu hwemapaketi pane chaiyo IP kuti uise dambudziko kurongeka kwakajairwa kwenguva pfupi.

Automation kune vadiki. Chikamu zero. Planning

Chikamu 10. Monitoring system

Pakutanga ndanga ndisiri kuzovhara musoro wekutarisa - ichiri nyaya inovhurika, ine gakava uye yakaoma. Asi sezvo zvinhu zvakafambira mberi, zvakazoitika kuti ichi chaive chikamu chakakosha che automation. Uye hazvibviri kuzvinzvenga, kunyangwe pasina kudzidzira.

Evolving Thought chikamu chehupenyu cheCI / CD maitiro. Mushure mekutangisa zvigadziriso kunetiweki, isu tinofanirwa kukwanisa kuona kana zvese zvakanaka nazvo izvozvi.
Uye isu hatisi kutaura chete uye kwete zvakanyanya nezve mashandisirwo ekushandisa masheti kana kuwanikwa kwenodhi, asi nezve zvimwe zvinhu zvisingaoneki - kuvapo kwenzira dzinodiwa, hunhu pavari, huwandu hwezvikamu zveBGP, vavakidzani veOSPF, Kupera-kusvika-Kupera kuita. yebasa rakawandisa.
Ko ma syslogs kuserver yekunze akamira kuwedzera, kana kuti SFlow agent yakaputsika, kana madonhwe emumitsetse akatanga kukura, kana kubatana pakati pemamwe maprefixes akaparara?

Tichafungisisa pamusoro peizvi mune imwe nyaya yakasiyana.

Automation kune vadiki. Chikamu zero. Planning

Automation kune vadiki. Chikamu zero. Planning

mhedziso

Sehwaro, ndakasarudza imwe yemazuva ano data center network dhizaini - L3 Clos Fabric ine BGP senzira yekufambisa.
Panguva ino tichavaka network paJuniper, nekuti ikozvino JunOs interface ivanlove.

Ngatiite kuti hupenyu hwedu hunyanye kuoma nekushandisa chete Open Source maturusi uye akawanda-vatengesi network - saka kuwedzera kuJuniper, ini ndichasarudza mumwezve munhu ane rombo rakanaka munzira.

Hurongwa hwezvinyorwa zvichauya ndeichi:
Kutanga ini ndichataura nezve virtual network. Chokutanga pane zvose, nokuti ndinoda, uye chechipiri, nokuti pasina izvi, dhizaini yehutano hwehutano haizove yakajeka.
Zvino nezve network dhizaini pachayo: topology, routing, marongero.
Ngatiunganidze chigadziko cherabhoritari.
Ngatifungei nezvazvo uye pamwe dzidzira kutanga mudziyo pane network.
Uye zvino nezve chimwe nechimwe chikamu mune zvakadzama zvakadzama.

Uye hongu, ini handivimbisi kupedzisa kutenderera uku nemhinduro yakagadzirira. πŸ™‚

Useful links

  • Usati wanyatsoongorora zvakatevedzana, zvakakodzera kuverenga bhuku raNatasha Samoilenko Python yeNetwork Engineers. Uye pamwe pfuura Chokwadi.
  • Zvichabatsirawo kuverenga RFC nezve dhizaini yemafekitori epa data kubva kuFacebook naPeter Lapukhov.
  • Zvinyorwa zvekuvaka zvinokupa iwe zano rekuti Overlay SDN inoshanda sei. Tungsten Fabric (yaimbova Open Contrail).
Ndatenda

Roman Gorge. Kune makomendi nekugadzirisa.
Artyom Chernobay. Pamusoro peKDPV.

Source: www.habr.com

Voeg