Namhlanje, ugxininiso lwethu alukho kuphela kumgca wemveliso weHuawei wokudala amanethiwekhi amaziko edatha, kodwa kunye nendlela yokwakha izisombululo eziphambili ezisekelwe kuzo. Masiqale ngeemeko, siqhubele phambili kwimisebenzi ethile exhaswa zizixhobo, kwaye siphele ngokujonga ngokubanzi izixhobo ezithile ezinokuthi zenze isiseko samaziko edatha anamhlanje kunye nenqanaba eliphezulu lokuzenzekelayo kweenkqubo zenethiwekhi.
Kungakhathaliseki ukuba iimpawu zezixhobo zenethiwekhi ziyamangalisa kangakanani, amandla okusebenzisa izisombululo zokwakha ezisekelwe kuyo zichongwa ngendlela esebenzayo ngayo ukuhlanganiswa kwe-hardware, isofthiwe, i-virtual kunye nezinye itekhnoloji ehambelana nayo. Ukuzama ukuhambisana namaxesha, sizama ukubonelela ngokukhawuleza abathengi ngamathuba anamhlanje kwaye athembisayo, ahlala ephambi kwezicwangciso ze-wildest zabanye abathengisi.
Izisombululo ezisekelwe kwi-Cloud Fabric ziquka inethiwekhi yeziko ledatha, umlawuli we-SDN, kunye namanye amacandelo ayimfuneko kwiprojekthi ethile, kubandakanywa nabanye abavelisi.
Imeko yokuqala kunye neyona nto ilula ibandakanya ukusetyenziswa kwenani elincinci lamacandelo: inethiwekhi yakhiwe kwi-hardware yeHuawei kunye nezixhobo zeqela lesithathu ukwenza ngokuzenzekelayo iinkqubo zolawulo lwenethiwekhi kunye nokubeka iliso. Umzekelo, njengeAnsible okanye iMicrosoft Azure.
Imeko yesibini ithatha ukuba umthengi sele usebenzisa i-virtualization kunye ne-SDN inkqubo yamaziko edatha, ithi i-NSX, kwaye ifuna ukusebenzisa izixhobo zeHuawei njenge-hardware VTEP (Vitual Tunnel End Point) ngaphakathi kwesisombululo seVMware ekhoyo. Kwiwebhusayithi yale nkampani Izixhobo zeHuawei eziye zavavanywa kwaye zinokusetyenziswa njengeVTEP. Emva kwakho konke, akusiyo imfihlo ukuba, kungakhathaliseki ukuba i-VXLAN (i-Virtual Extensible LAN) iphumelele kangakanani izisombululo zesofthiwe ekutshintsheni okubonakalayo, ukuphunyezwa kwe-hardware kusebenza ngokufanelekileyo ngokubhekiselele ekusebenzeni.
Imeko yesithathu kukwakhiwa kokusingatha kunye neenkqubo zeklasi zekhompyutha ezibandakanya umlawuli, kodwa zinqongophele naliphi na iqonga eliphezulu apho kuya kufuneka ukuba lidibanise. Enye yeendlela zokuphumeza le meko ibandakanya ubukho be-Agile Controller-DCN SDN controller. Abalawuli benkqubo banokusebenzisa olu yilo ukwenza imisebenzi yolawulo lwenethiwekhi yemihla ngemihla. Inguqu ephuhliswe ngakumbi yemeko yesithathu isekelwe ekusebenzisaneni kwe-Agile Controller-DCN kunye ne-VMware vCenter, idityaniswe yinkqubo ethile yoshishino, kodwa kwakhona ngaphandle kwenkqubo yokulawula ephezulu.
Imeko yesine iyaphawuleka-ukudityaniswa kunye neqonga elinyukayo elisekwe kwi-OpenStack okanye imveliso yethu yeFusionSphere ebonakalayo. Sibhalisa izicelo ezininzi zezisombululo ezifanayo zokwakha, phakathi kwazo i-OpenStack (i-CentOS, i-Red Hat, njl.) yeyona nto idumileyo. Konke kuxhomekeke kwiyiphi iqonga le-orchestration kunye nokulawulwa kwezixhobo zekhompyutha ezisetyenziswa kwiziko ledatha.
Imeko yesihlanu intsha ngokupheleleyo. Ukongeza kwi-hardware eyaziwayo, iquka i-switch ye-virtual esasazwayo CloudEngine 1800V (CE1800V), enokuthi iqhutywe kuphela nge-KVM (i-Kernel-based Virtual Machine). Olu lwakhiwo lubandakanya ukudibanisa i-Agile Controller-DCN kunye neqonga le-container ye-Kubernetes usebenzisa i-plugin ye-CNI. Ke, iHuawei, kunye nehlabathi liphela, iyahamba ukusuka kwi-host virtualization ukuya kwindlela yokusebenza ebonakalayo.
Okungakumbi malunga nokufakwa kwesikhongozeli
Ngaphambili sikhankanye i-CE1800V iswitshi ebonakalayo esetyenziswe kusetyenziswa i-Agile Controller-DCN. Ngokudibanisa neeswitshi ze-Huawei hardware, benza uhlobo lwe "hybrid overlay". Kungekudala, izikripthi zesikhongozeli ezivela kwiHuawei ziya kufumana inkxaso ye-NAT kunye nemisebenzi yokulinganisa umthwalo.
Umda wezakhiwo kukuba i-CE1800V ayinakusetyenziswa ngokwahlukileyo kwi-Agile Controller-DCN. Kufuneka kwakhona kuthathelwe ingqalelo ukuba i-PoD enye yeqonga le-Kubernetes ayinakuquka izikhongozeli ezingaphezu kwezigidi ezi-4.
Ukudibanisa kwinethiwekhi ye-VXLAN yeziko ledatha kwenzeka nge-VLAN (i-Virtual Local Area Network), kodwa kukho ukhetho apho i-CE1800V isebenza njenge-VTEP kunye nenkqubo ye-BGP (i-Border Gateway Protocol). Oku kuvumela iindlela ze-BGP ukuba zitshintshwe kunye nomqolo ngaphandle kwesidingo sokutshintsha kwehardware eyahlukileyo.
IiNethiwekhi eziqhutywa ngokweNjongo: uthungelwano oluhlalutya iinjongo
Huawei Injongo-Driven Network (IDN) concept emva ngo-2018. Ukususela ngoko, inkampani iye yaqhubeka isebenza kumanethiwekhi asebenzisa iteknoloji yekhompyutheni yefu, idatha enkulu kunye nobukrelekrele bokwenziwa ukuhlalutya iinjongo kunye neenjongo zabasebenzisi.
Ngokusisiseko, sithetha ngentshukumo ukusuka kwi-automation ukuya kukuzimela. Injongo echaziweyo yomsebenzisi ibuyiswa ngendlela yeengcebiso ezivela kwimveliso yenethiwekhi malunga nendlela yokuphumeza le njongo. Kwintliziyo yalo msebenzi yi-Agile Controller-DCN amandla aya kongezwa kwimveliso ukuqinisekisa ukuphunyezwa kweengcamango ze-IDN.
Kwixesha elizayo, ngokungeniswa kwe-IDN, kuya kwenzeka ukuhambisa iinkonzo zenethiwekhi ngokuchofoza okukodwa, oku kuthetha ukuba iqondo eliphezulu lokuzenzekelayo. Uyilo lwemodyuli yemisebenzi yenethiwekhi kunye nokukwazi ukudibanisa le misebenzi kuya kuvumela umlawuli ukuba achaze ngokulula ukuba zeziphi iinkonzo ezifuna ukwenziwa zifumaneke kwicandelo elithile lomnatha.
Ukufezekisa le nqanaba lokulawula, inkqubo ye-ZTP (i-Zero Touch Provisioning) ibaluleke kakhulu. I-Huawei iphumelele impumelelo enkulu kule nto, ngenxa yokuba inikezela ngokukwazi ukuhambisa ngokupheleleyo inethiwekhi ngaphandle kwebhokisi.
Ufakelo olongezelelweyo kunye nenkqubo yokuthunyelwa ngokuyimfuneko ibandakanya inkqubo yokukhangela uqhagamshelwano phakathi kwezibonelelo (uqhagamshelwano lwenethiwekhi) kunye nokuvavanya utshintsho ekusebenzeni kwenethiwekhi ngokuxhomekeke kwiindlela zayo zokusebenza. Eli nqanaba libandakanya ukuqhuba ukulinganisa ngaphambi kokuqala umsebenzi wokwenene.
Isinyathelo esilandelayo kukuqwalasela iinkonzo ukuze zihambelane neemfuno zomthengi (unikezelo lwenkonzo) kunye nokuqinisekiswa kwabo, okwenziwa zizixhobo ezakhelwe ngaphakathi zeHuawei. Emva koko konke okuseleyo kukujonga umphumo.
Ngoku kunokwenzeka ukuba uhambe kuyo yonke indlela echazwe ngokusebenzisa indlela enye ebanzi esekelwe kwi-platform ye-iMaster NCE equkethe i-Agile Controller-DCN kunye ne-eSight network element management system (EMS).
Okwangoku, i-Agile Controller-DCN inokutshekisha ukufumaneka kwezibonelelo kunye nobukho bonxibelelwano, kunye ne-proactively (emva kokuvunywa komlawuli) ukuphendula kwiingxaki kwinethiwekhi. Ukongeza iinkonzo eziyimfuneko ngoku zenziwa ngesandla, kodwa kwixesha elizayo iHuawei izimisele ukwenza oku kunye neminye imisebenzi, njengokuthunyelwa kweseva, ukucwangciswa kwenethiwekhi kwiinkqubo zokugcina, njl.
Imixokelelwane yenkonzo kunye ne-micro-segmentation
I-Agile Controller-DCN iyakwazi ukucubungula iintloko zenkonzo (i-Net Service Headers, okanye i-NSH) equlethwe kwiipakethi ze-VXLAN. Oku kuluncedo ekudaleni amatyathanga eenkonzo. Umzekelo, ujonge ukuthumela uhlobo oluthile lwepakethe ecaleni kwendlela eyahlukileyo kuleyo inikezelwa yiprothokholi yomzila. Ngaphambi kokuba bashiye inethiwekhi, kufuneka badlule kuhlobo oluthile lwesixhobo (i-firewall, njl.). Ukwenza oku, kwanele ukumisela ikhonkco lenkonzo equlethe imigaqo efunekayo. Ngombulelo kumatshini onjalo, kunokwenzeka, umzekelo, ukuqwalasela imigaqo-nkqubo yokhuseleko, kodwa ezinye iindawo zesicelo sayo nazo zinokwenzeka.
Umzobo ubonisa ngokucacileyo ukusebenza kwe-RFC-ehambelana namatyathanga eenkonzo ezisekelwe kwi-NSH, kwaye inika uluhlu lokutshintsha kwe-hardware exhasayo.
Izakhono zekhonkco zenkonzo yeHuawei zincediswa kukwahlulwahlulwa kancinci, indlela yokhuseleko yenethiwekhi ebeka amacandelo okhuseleko phantsi kwizinto zomthwalo womsebenzi ngamnye. Ukunqanda imfuneko yokuqwalasela ngesandla inani elikhulu le-ACLs inceda ukujikeleza uLuhlu loLawulo lokuFikelela (ACL) ibhotile.
Ukusebenza ngobukrelekrele
Ukuqhubela phambili kumbandela wokusebenza kwenethiwekhi, umntu akanako ukusilela ukukhankanya elinye icandelo le-brand ye-iMaster NCE yeambrella - iFabricInsight intelligent network analyzer. Ibonelela ngezakhono ezibanzi zokuqokelela i-telemetry kunye nolwazi malunga nokuhamba kwedatha kwinethiwekhi. I-Telemetry iqokelelwa kusetyenziswa i-gRPC kwaye iqokelela idatha kwiipakethi ezithunyelwayo, ezifakwe kwi-buffered kunye nezilahlekileyo. Isixa esikhulu sesibini solwazi sidityaniswe kusetyenziswa i-ERSPAN (I-Encapsulated Remote Switch Port Analyzer) kwaye inika umbono wokuhamba kwedatha kwiziko ledatha. Ngokusisiseko, sithetha ngokuqokelela iintloko ze-TCP kunye nesixa solwazi oludluliselwe ngexesha leseshoni ye-TCP nganye. Oku kunokwenziwa ngokusebenzisa izixhobo ezahlukeneyo zeHuawei - uluhlu lwazo luboniswe kumzobo.
I-SNMP kunye ne-NetStream nazo azilityalwanga, ke iHuawei isebenzisa iindlela ezindala kunye nezintsha ukuze isuke kwinethiwekhi njenge "bhokisi emnyama" ukuya kwinethiwekhi esazi ngayo yonke into ngayo.
I-AI Fabric: I-Lossless Smart Grid
Iimpawu ze-AI Fabric ezixhaswa yi-hardware yethu ziyilelwe ukuguqula i-Ethernet ibe yintsebenzo ephezulu, ephantsi-latency, i-packet-ilahleko yenethiwekhi. Oku kuyimfuneko ukuphumeza iimeko ezisisiseko zokusasazwa kwesicelo kwinethiwekhi yeziko ledatha.
Kulo mzobo ungasentla sibona iingxaki ukuba kukho umngcipheko wokuhlangana xa usebenzisa inethiwekhi:
- ilahleko yepakethe;
- ukuphuphuma kwesithinteli;
- Ingxaki yokulayishwa kwenethiwekhi xa usebenzisa amakhonkco ahambelanayo.
Izixhobo zeHuawei zisebenzisa iindlela zokusombulula zonke ezi ngxaki. Ngokomzekelo, kwinqanaba le-chip, iteknoloji yomgca we-virtual engenayo iye yaziswa, leyo ngexesha elifanayo ayivumeli ukuvinjelwa kwegalelo (i-HOL blocking).
Kwinqanaba leprotocol, kukho iDynamic ECN mechanism - ukutshintsha ngokutshintsha ubungakanani bebuffer, kunye neFast CNP - ithumela ngokukhawuleza iipakethi zomyalezo malunga nengxaki kwinethiwekhi kumthombo.
Amalungelo alinganayo okuqukuqela и Inkxaso ye-Dynamic Packet Prioritization (DPP) iteknoloji inceda, equka ukubeka iinqununu ezimfutshane zedatha ukusuka kwimilambo eyahlukeneyo ukuya kumgca ohlukeneyo ophambili. Ke, iipakethi ezimfutshane ziphila bhetele kwindawo yokuqukuqela okude, okunzima.
Masicacise ukuba ezi ndlela zingentla zisebenze ngokufanelekileyo, kufuneka zixhaswe ngokuthe ngqo kwisixhobo.
Yonke le misebenzi isetyenziswa kwenye yeemeko ezintathu zokusebenzisa izixhobo zeHuawei:
- xa kusakhiwa iinkqubo zobuntlola ezenziweyo ezisekelwe kwizicelo ezisasaziweyo;
- xa udala iinkqubo zokugcina idatha ezisasaziweyo;
- xa udala iinkqubo zekhompyutha yokusebenza ephezulu (HPC).
Iingcamango zifakwe kwi-hardware
Emva kokuxoxa ngeemeko eziqhelekileyo zokusebenzisa izisombululo zeHuawei kunye nokudwelisa amandla abo aphambili, masiqhubele phambili ngqo kwisixhobo.
I-CloudEngine 16800 liqonga elibonelela ngokusebenza ngaphezulu kwe-400 Gbit/s ujongano. Uphawu lwayo bubukho, kunye ne-CPU, ye-chip yayo yokudlulisa kunye neprosesa yobukrelekrele eyenziweyo, eyimfuneko ukuphumeza amandla e-AI Fabric.
Iqonga lenziwe ngokungqinelana ne-architecture ye-orthogonal yangaphambili kunye ne-airflow system ngaphambili ukuya ngasemva kwaye iza nenye yeentlobo ezintathu ze-chassis - 4 (10U), 8 (16U) okanye i-16 (32U) slots.
I-CloudEngine 16800 inokusebenzisa iindidi ezininzi zamakhadi omgca. Phakathi kwazo kukho zombini i-10-gigabit kunye ne-40-, kunye ne-100-gigabit, kubandakanywa nezitsha ngokupheleleyo. Amakhadi ane-25 kunye ne-400 Gbit / s interfaces zicwangciswe ukukhululwa.
Ngokubhekiselele kwi-ToR (i-Top of rack) iitshintshi, iimodeli zabo zangoku zibonakaliswe kwixesha elingasentla. Eyona nto inomdla kakhulu yimizekelo emitsha ye-25-Gigabit, i-100-Gigabit itshintsha kunye ne-400-Gigabit uplinks, kunye ne-high-density 100-Gigabit switch kunye ne-96 port.
Utshintsho oluphambili olusisigxina lweHuawei okwangoku yi-CloudEngine 8850. Kufuneka itshintshwe yimodeli ye-8851 kunye ne-32 100 Gbit / s ujongano kunye nesibhozo se-400 Gbit / s ujongano, kunye nokukwazi ukuwahlula ku-50, 100 okanye 200 Gbit/s.
Olunye utshintsho kunye noqwalaselo olusisigxina, CloudEngine 6865, isahlala kumgca weemveliso zangoku zeHuawei. Lo ngumsebenzi oqinisekisiweyo kunye nokufikelela kwe-10/25 Gbps kunye nesibhozo se-100 Gbps uplinks. Masiyongeze ukuba ikwaxhasa i-AI Fabric.
Umzobo ubonisa iimpawu zazo zonke iimodeli ezintsha zokutshintsha, ukubonakala esikulindele kwiinyanga ezizayo, okanye kwiiveki. Ukulibaziseka okuthile ekukhululweni kwabo kungenxa yemeko ejikeleze i-coronavirus. Kwakhona, imiba yoxinzelelo lwezohlwayo kwiHuawei isahlala ifanelekile, nangona kunjalo, zonke ezi ziganeko zinokuchaphazela kuphela ixesha le-premiere.
Olunye ulwazi malunga nezisombululo zeHuawei kunye nokhetho lwabo lwesicelo zinokufumaneka ngokulula ngokubhalisela iiwebinars zethu okanye uqhagamshelane nabameli benkampani ngokuthe ngqo.
***
Siyakukhumbuza ukuba iingcali zethu zihlala ziqhuba iiwebinars kwiimveliso zeHuawei kunye nobuchwepheshe ababusebenzisayo. Uluhlu lwewebhu kwiiveki ezizayo luyafumaneka .
umthombo: www.habr.com