ProHoster > Blog > Utongi > The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

Kuburitswa kuri kuuya kweRed Hat Ansible Engine 2.9 kunounza kuvandudzwa kunofadza, zvimwe zvacho zvinokurukurwa munyaya ino. Senguva dzose, tanga tichigadzira Ansible Network kuvandudzwa pachena, nerutsigiro rwenharaunda. Join us - tarisa bhodhi rekuburitsa paGitHub uye kudzidza chirongwa chebudiriro che kuburitswa kweRed Hat Ansible Injini 2.9 papeji yewiki ye Ansible Network.

Sezvatakazivisa munguva pfupi yapfuura, Red Hat Ansible Automation Platform ikozvino inosanganisira Ansible Shongwe, Ansible Injini uye ese Ansible Network zvemukati. Mazuva ano, anonyanya kufarirwa networking mapuratifomu anoitwa kuburikidza neAnsible modules. Semuyenzaniso:

  • Arista EOS
  • Cisco IOS
  • Cisco IOS XR
  • Cisco NX-OS
  • Juniper Junos
  • VyOS

Kuti uwane runyorwa ruzere rwemapuratifomu anotsigirwa zvizere neRed Hat kuburikidza neAnsible Automation kunyoreswa, rakabudiswa pano.

Tadzidzei

Kwemakore mana apfuura, takadzidza zvakawanda nezvekugadzira network otomatiki chikuva. Takadzidzawo izvozvo sei zvigadzirwa zvepuratifomu zvinoshandiswa muAnsible playbooks uye mabasa nevashandisi vekupedzisira. Uye izvi ndizvo zvatakawana:

  • Masangano ari otomatiki michina kubva kwete imwe chete, asi vazhinji vatengesi.
  • Automation haisi chiitiko chehunyanzvi chete, asiwo chetsika.
  • Kuzviitira otomatiki network pachiyero kwakaoma kupfuura zvazvinoita nekuda kweiyo yakakosha misimboti yekugadzira otomatiki dhizaini.

Patakakurukura hurongwa hwedu hwekukura kwenguva refu kwegore rapfuura, vatengi vedu vemakambani vakakumbira zvinotevera:

  • Kuunganidzwa kwechokwadi kunofanirwa kuve kwakamisikidzwa zvirinani uye kuenderana neautomation workflows pamidziyo yese.
  • Kugadziridza zvigadziriso pachishandiso zvakare kunoda kuve kwakamisikidzwa uye kuenderana kuitira kuti Ansible modules ibate chikamu chechipiri chekutenderera mushure mekuunganidza chokwadi.
  • Tinoda dzakaomarara uye dzinotsigirwa nzira dzekushandura dhizaini kumisikidzwa kuita data yakarongeka. Pahwaro uhwu, sosi yechokwadi inogona kutamiswa kubva kunetiweki mudziyo.

Chokwadi kuvandudzwa

Kuunganidza chokwadi kubva kunetiweki zvishandiso uchishandisa Ansible zvinowanzoitika chero. Mapuratifomu etiweki ane madhigirii akasiyana-siyana ekukwanisa kuunganidza chokwadi, asi ane zvishoma kana kuti haana mashandiro ekuparura uye kuenzanisa kiyi-kukosha inomiririra data. Verenga post Ken Celenza pamusoro pekuoma nekurwadza kwazvingaite kuongorora nekumisa data rechokwadi.

Unogona kunge wationa tichishanda paAnsible Network Engine basa. Nomuzvarirwo, 24K yekurodha gare gare, iyo Network Injini basa rakakurumidza kuve rimwe reanonyanya kufarirwa Ansible mabasa muAnsible Galaxy yetiweki otomatiki scenarios. Tisati tafambisa zvakawanda zveizvi muAnsible 2.8 kugadzirira izvo zvichange zvichidikanwa muAnsible 2.9, iri Ansible basa rakapa seti yekutanga yezvishandiso zvekubatsira kupatsanura mirairo, kutonga mirairo, uye kuunganidza data retiweki zvishandiso.

Kana iwe uchiziva mashandisiro eNetwork Engine, iyi inzira inoshanda kwazvo yekuunganidza, kutsanangura, uye kumisikidza data yechokwadi kuti ishandiswe muAnsible. Iyo inokanganisa yeiyi basa ndeyekuti iwe unofanirwa kugadzira boka rese reparers papuratifomu yega yega uye kune ese network chiitiko. Kuti unzwisise kuti zvakaoma sei kugadzira, kutumira, uye kuchengetedza vaparadzi, tarisa Vanopfuura 1200 parsers kubva kuvakomana kuCisco.

Muchidimbu, kuwana chokwadi kubva kumidziyo uye kuijairisa kuita kiyi-kukosha pairi kwakakosha kune otomatiki pachiyero, asi kuita izvi kwakaoma kana uine vazhinji vatengesi uye network mapuratifomu.

Imwe neimwe network yechokwadi module muAnsible 2.9 ikozvino inogona kuongorora kumisikidzwa kwetiweki mudziyo uye kudzosa yakarongeka data - pasina mamwe maraibhurari, Ansible mabasa kana tsika parsers.

Kubva Ansible 2.9, nguva yega yega inogadziridzwa network module inoburitswa, iyo module yechokwadi inovandudzwa kuti ipe data nezve chikamu ichi chekugadzirisa. Ndokunge, kuvandudzwa kwechokwadi uye mamodule ikozvino kunoitika pamwero wakafanana, uye ivo vanozogara vaine yakajairika data chimiro.

Kugadziriswa kwezviwanikwa pane network network inogona kudzoserwa uye kushandurwa kuita data yakarongeka munzira mbiri. Munzira mbiri, iwe unogona kuunganidza uye kushandura yakatarwa runyorwa rwezviwanikwa uchishandisa nyowani kiyi gather_network_resources. Mazita ezvekushandisa anoenderana nemazita emamodule, ayo ari nyore kwazvo.

Pakuunganidza chokwadi:

Kushandisa izwi rinokosha gather_facts iwe unogona kudzoreredza iko iko iko kumisikidzwa kwemudziyo pakutanga kwebhuku rekutamba, wobva waishandisa mukati mebhuku rese rekutamba. Taura zviwanikwa zvega zvega zvinozotorwa kubva mumudziyo.

- hosts: arista
  module_defaults:
    eos_facts:
      gather_subset: min
      gather_network_resources:
      - interfaces
  gather_facts: True

Iwe unogona kunge waona chimwe chinhu chitsva mumienzaniso iyi, zvinoti - gather_facts: true yave kuwanikwa yekuunganidza chokwadi chekuunganidza kunetiweki zvishandiso.

Uchishandisa network chokwadi module zvakananga:

- name: collect interface configuration facts
  eos_facts:
    gather_subset: min
    gather_network_resources:
    - interfaces

Iyo playbook inodzosera zvinotevera chokwadi nezve interface:

ansible_facts:
   ansible_network_resources:
      interfaces:
      - enabled: true
        name: Ethernet1
        mtu: '1476'
      - enabled: true
        name: Loopback0
      - enabled: true
        name: Loopback1
      - enabled: true
        mtu: '1476'
        name: Tunnel0
      - enabled: true
        name: Ethernet1
      - enabled: true
        name: Tunnel1
      - enabled: true
        name: Ethernet1

Ziva kuti Ansible inotora sei gadziriso yemuno kubva kumudziyo weArista uye woishandura kuita data rakarongeka kuti rishandise seyakajairwa kiyi-kukosha pairi kuzasi kwemabasa uye mashandiro.

Interface chokwadi chinogona kuwedzerwa kune Ansible akachengetwa akasiyana uye kushandiswa nekukurumidza kana gare gare sekuisa kune resource module eos_interfaces pasina kuwedzera kugadzirisa kana kutendeuka.

Resource Modules

Saka, isu takaburitsa chokwadi, takagadzirisa iyo data, tikaiisa mune yakamisikidzwa yemukati data chimiro dhayagiramu uye takagamuchira yakagadzirira-yakagadzirwa sosi yechokwadi. Hooray! Izvi zvakanaka, hongu, asi isu tichiri kuda kushandura makiyi-kukosha mapeya kudzokera kune chaiyo gadziriro inotarisirwa nepuratifomu yechigadzirwa. Isu ikozvino tinoda mapuratifomu-chaiwo mamodule kuti asangane neizvi zvitsva-kuunganidza chokwadi uye zvinojairika zvinodiwa.

Chii chinonzi resource module? Unogona kufunga nezvezvigadziriso zvemudziyo sezviwanikwa zvinopihwa nemudziyo iwoyo. Network resource modules inogumira nemaune kune imwechete sosi uye inogona kurongedzerwa senge zvidhinha zvekuvaka kugadzirisa yakaoma network masevhisi. Nekuda kweizvozvo, izvo zvinodikanwa uye kutsanangurwa kweiyo resource module zvinongorerutswa, sezvo resource module inogona kuverenga. ΠΈ gadzirisa chaiyo network sevhisi pane network mudziyo.

Kuti utsanangure zvinoitwa neresource module, ngatitarisei muenzaniso webhuku rekutamba rinoratidza mashandiro akasarudzika uchishandisa nyowani network resource chokwadi uye module. eos_l3_interface.

- name: example of facts being pushed right back to device.
  hosts: arista
  gather_facts: false
  tasks:
  - name: grab arista eos facts
    eos_facts:
      gather_subset: min
      gather_network_resources: l3_interfaces

  - name: ensure that the IP address information is accurate
    eos_l3_interfaces:
      config: "{{ ansible_network_resources['l3_interfaces'] }}"
      register: result

  - name: ensure config did not change
    assert:
      that: not result.changed

Sezvauri kuona, iyo data yakaunganidzwa kubva pachigadzirwa inotamirwa yakananga kune inoenderana sosi module pasina kutendeuka. Kana yakatangwa, bhuku rekutamba rinotora zvakakosha kubva pachigadzirwa uye nekuzvienzanisa nemaitiro anotarisirwa. Mumuenzaniso uyu, hunhu hwakadzoserwa hwakaita sekutarisirwa (kureva kuti, inotarisa kukanganiswa kwekugadzirisa) uye inoshuma kana iyo gadziriso yachinja.

Iyo yakanakira nzira yekuona yekumisikidza kudonha ndeye kuchengeta chokwadi muAnsible akachengetwa akasiyana uye nguva nenguva woashandisa neiyo resource module mune yekuongorora maitiro. Iyi inzira iri nyore yekuona kana mumwe munhu akachinja maitiro. Muzviitiko zvakawanda, masangano anobvumira shanduko nekugadzirisa pamaoko, kunyangwe mabasa mazhinji achiitwa kuburikidza neAnsible Automation.

Mamodule matsva ezvishandiso anosiyana sei neakapfuura?

Kune network otomatiki injiniya, pane 3 misiyano mikuru pakati pezvishandiso modules muAnsible 2.9 uye yapfuura shanduro.

1) Kune yakapihwa network sosi (iyo inogona zvakare kufungidzirwa sechikamu chekumisikidza), ma module uye chokwadi chinoshanduka kune ese anotsigirwa network anoshanda masisitimu panguva imwe chete. Isu tinofunga kuti kana Ansible ichitsigira zviwanikwa zvigadziriso pane imwe network papuratifomu, isu tinofanirwa kuitsigira kwese kwese. Izvi zvinorerutsa mashandisirwo emamodule ekushandisa nekuti network otomatiki injiniya anogona ikozvino kugadzirisa sosi (senge LLDP) pane ese network anoshanda masisitimu ane emuno uye anotsigirwa mamodule.

2) Resource modules ikozvino inosanganisira kukosha kwenyika.

  • merged: iyo gadziriso inosanganiswa neyakapihwa gadziriso (default);
  • replaced: Izvo zviwanikwa zvigadziriso zvichatsiviwa neiyo yakapihwa gadziriso;
  • overridden: Izvo zviwanikwa zvigadziriso zvichatsiviwa neiyo yakapihwa gadziriso; zvisingakoshi zviwanikwa zviwanikwa zvichabviswa;
  • deleted: Izvo zvigadziriso zvekushandisa zvichabviswa / kudzoserwa kune default.

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

3) Resource modules ikozvino inosanganisira yakagadzikana kudzoka kukosha. Kana network resource module yaita (kana yakurudzira) shanduko dzinodiwa kunetiweki mudziyo, inodzosera imwechete kiyi-kukosha pairi kubhuku rekutamba.

  • before: kugadziridzwa pane mudziyo muchimiro che data rakarongeka risati raitwa;
  • after: kana chishandiso chachinja (kana chinogona kuchinja kana bvunzo modhi ikashandiswa), iyo inokonzeresa gadziriso inodzoserwa se data rakarongeka;
  • commands: Chero mirairo yekumisikidza inomhanya pamudziyo kuti uuise munzvimbo yaunoda.

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

Zvose izvi zvinorevei? Nei zvichikosha?

Iyi posvo inovhara akawanda akaomesesa pfungwa, asi isu tinovimba kuti pakupedzisira iwe uchave nekunzwisisa kuri nani kwezviri kukumbirwa nevatengi vemabhizinesi muchokwadi kuunganidza, data normalization, uye loop kumisikidzwa kweautomation platform. Asi nei vachida kuvandudzwa uku? Masangano mazhinji ave kutsvaga shanduko yedhijitari kuti aite kuti nharaunda dzavo dzeIT dzive dzakasimba uye dzinokwikwidza. Kune zvirinani kana kuipa, vazhinji mainjiniya etiweki vanova vagadziri vetiweki kungave nekuda kwekuzvifarira kana nekuraira kwemanejimendi.

Masangano ari kuona kuti otomatiki ega ega network matemplate haagadzirise dambudziko resilos uye anongowedzera mashandiro kune imwe nhanho. Iyo Red Hat Ansible Automation Platform inopa yakaomesesa uye yakajairwa zviwanikwa data modhi kuti igadzirise zvine hungwaru data riri pasi petiweki mudziyo. Kureva kuti, vashandisi vari kusiya zvishoma nezvishoma nzira dzekugadzirisa dzega dzega vachifarira nzira dzechizvino-zvino nekusimbisa matekinoroji (semuenzaniso, IP kero, VLANs, LLDP, nezvimwewo), pane pane chaiyo vatengesi kuita.

Izvi zvinoreva here kuti mazuva eanovimbika uye akapupurirwa ekuraira mamodule uye kumisikidzwa akaverengerwa? Hapana zvakadaro. Iyo inotarisirwa network resource modules haizoshande muzviitiko zvese kana kune wese mutengesi, saka iyo yekuraira uye mamodule ekugadzirisa acharamba achidikanwa netiweki mainjiniya kune mamwe maitirwo. Chinangwa chezvishandiso modules ndechekurerutsa makuru eJinja matemplate uye kugadzirisa isina kurongeka masisitimu emudziyo kuita yakarongeka JSON fomati. Nemaresource modules, zvichave nyore kune network iripo kuti ishandure gadziriso yavo kuita yakarongeka kiyi-kukosha mapeya anomiririra iri nyore kuverenga sosi yechokwadi. Nekushandisa yakarongeka kiyi-value pairi, unogona kubva pakumhanyisa zvigadziriso pachishandiso chega chega kuenda kushanda neyakazvimiririra yakarongeka data uye kuunza network kumberi kwenzira yekuvaka-se-code.

Ndeapi maturusi module achange achiuya muAnsible Injini 2.9?

Tisati takuudza zvakadzama zvichaitika muAnsible 2.9, ngatiyeukei kuti takakamura sei chikamu chose chebasa.

Isu takaona 7 mapoka uye takapa chaiyo network zviwanikwa kune yega yega:

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

Ongorora: Zviwanikwa zvine mavara matema zvakarongwa uye zvakaiswa muAnsible 2.9.
Zvichienderana nemhinduro kubva kumabhizinesi evatengi uye nharaunda, zvaive zvine musoro kutanga kubata iwo mamodule ane hukama netiweki topology protocol, virtualization, uye mainterface.
Aya anotevera zviwanikwa modules akagadzirwa neAnsible Network timu uye anoenderana nemapuratifomu anotsigirwa neRed Hat:

The Mukati Playbook. Networking maficha mune itsva Ansible Injini 2.9

Aya anotevera ma module anogadzirwa neAnsible nharaunda:

  • exos_lldp_global - kubva kuExtreme Networks.
  • nxos_bfd_interfaces - kubva kuCisco
  • nxos_telemetry - kubva kuCisco

Sezvauri kuona, iyo pfungwa yezvishandiso modules inokwana mune yedu yepuratifomu-centric zano. Kureva kuti, isu tinosanganisira hunyanzvi hunodiwa uye mabasa muAnsible pachayo kutsigira kumira mukugadzirwa kwenetiweki module, uye zvakare kurerutsa basa revashandisi pamwero weAnsible mabasa uye mabhuku ekutamba. Kuti uwedzere kukudziridzwa kwemamodules, timu yeAnsible yakaburitsa iyo Module Builder chishandiso.

Zvirongwa zveAnsible 2.10 uye kupfuura

Kana Ansible 2.9 yaburitswa, tichange tichishanda pane inotevera seti yemamodules eAnsible 2.10, iyo inogona kushandiswa kuenderera mberi nekugadzirisa network topology uye mutemo, semuenzaniso. ACL, OSPF uye BGP. Hurongwa hwekusimudzira huchiri kugona kugadziridzwa, saka kana uine zvaunofunga, ndapota zviudze Ansible Network community.

Zvishandiso uye kutanga

Press kuburitswa nezve Ansible Automation Platform
Ansible Automation Platform Blog
Remangwana rekutumira zvemukati muAnsible
Mafungiro ekuchinja Ansible purojekiti chimiro

Source: www.habr.com

Voeg