設定生命週期管理Configuration lifecycle management

本文涵蓋 Azure 模組化資料中心的網路設定生命週期管理。This article covers network configuration lifecycle management for Azure Modular Datacenter.

更新設定Update configuration

此欄位中用來更新切換設定的方法適用于所有和任何類型的設定更新。This methodology for updating switch configurations in the field applies to all and any type of configuration updates. 由於我們的控制項之外有許多未知的變數,例如客戶或 OEM 所套用的手動設定,因此此手動程式有多個步驟。Because of many unknown variables outside of our control, like manual configurations applied by customers or by the OEM, this manual process has multiple steps. 目前無法保證執行時間。At this time, there's no guarantee of uptime. 您應在維護期間執行更新。Updates should be performed during a maintenance window.

  1. 針對 edge1、edge2、tor1、tor2 和 BMC 交換器,建立目前設定檔的備份。Make a backup of the current configuration files for edge1, edge2, tor1, tor2, and BMC switches. 從交換器複製這些檔案。Copy these files off the switch.

  2. 記下現有設定的工具組組建編號。Make a note of the toolkit build number of the existing configuration. 所有設定都應該在 motd 橫幅中有這個數位。All configurations should have this number in the motd banner. 搜尋 BUILDNUMBERDo a search for BUILDNUMBER.

  3. 使用步驟2中的相同工具組版本重新產生初始設定。Regenerate the initial configurations by using the same toolkit version from step 2.

  4. 將步驟3中的設定載入至各自的參數。Load the configurations from step 3 onto their respective switches. 此動作的重點是將我們 的工具所產生的設定 ,透過切換參數來取得基準。The point of this action is to wash the config generated by our tools through a switch to get a baseline. OEM 可以在不同硬體上執行此動作,例如在 OEM 的實驗室中,或與客戶的現場。This action could be performed by the OEM on separate hardware, like in the OEM's lab, or onsite with the customer.

  5. 從步驟4建立設定檔的備份。Make a backup of the config file from step 4. 將它複製到遠端位置。Copy it to a remote location.

  6. 使用您選擇的 diff 工具,將步驟1中目前設定的備份與步驟5中基準設定的備份進行比較。Using the diff tool of your choice, compare the backup of the current config from step 1 to the backup of the baseline configuration from step 5. 針對每個裝置所升級的交換器設定,請記下或複製所有差異。Make a note or copy of all the differences that should be carried over to the upgraded switch configuration per device.

  7. 執行會產生更新交換器設定的新工具組。Run the new toolkit that will generate the updated switch configurations.

  8. 將步驟6中的差異合併到新的交換器設定。Merge the differences from step 6 into the new switch configurations.

  9. 將新的設定載入至各自的參數。Load the new configurations onto the respective switches. 從我們的工具執行輸出目錄中提供的驗證後命令。Run the post-validation commands provided in the output directory from our tooling.

  10. 儲存組態。Save the configurations.

NTPNTP

您可以使用具特殊權限的端點 (PEP) 來更新 Azure Stack 中的時間伺服器。You can use the privileged endpoint (PEP) to update the time server in Azure Stack. 使用可解析為兩個或多個網路時間通訊協定 (NTP) 伺服器 IP 位址的主機名稱。Use a host name that resolves to two or more Network Time Protocol (NTP) server IP addresses.

Azure Stack 會使用 NTP 連接到網際網路上的時間伺服器。Azure Stack uses the NTP to connect to time servers on the internet. NTP 伺服器會提供精確的系統時間。NTP servers provide accurate system time. 在 Azure Stack 的實體網路交換器、硬體生命週期主機、基礎結構服務和虛擬機器上,都會使用時間。Time is used across Azure Stack's physical network switches, hardware lifecycle host, infrastructure service, and virtual machines. 如果時鐘未同步,Azure Stack 可能會遇到網路和驗證的嚴重問題。If the clock isn't synchronized, Azure Stack might experience severe issues with the network and authentication. 記錄檔、檔和其他檔案可能會以不正確的時間戳記來建立。Log files, documents, and other files might be created with incorrect timestamps.

需提供一部時間伺服器 (NTP) 讓 Azure Stack 同步處理時間。Providing one time server (NTP) is required for Azure Stack to synchronize time. 在部署 Azure Stack 時,您應提供 NTP 伺服器的位址。When you deploy Azure Stack, you provide the address of an NTP server. 時間是重要的資料中心基礎結構服務。Time is a critical datacenter infrastructure service. 如果服務變更,您將需要更新時間。If the service changes, you'll need to update the time.

Azure Stack 支援將時間與一部時間伺服器 (NTP) 進行同步處理。Azure Stack supports synchronizing time with only one time server (NTP). 您無法提供多個 NTPs 讓 Azure Stack 同步處理時間。You can't provide multiple NTPs for Azure Stack to synchronize time with. 建議您設定可解析為多部 NTP 伺服器的網域名稱系統 (DNS) 專案。We recommend you set up Domain Name System (DNS) entry that resolves to multiple NTP servers.

更新 NTP 部署後Update NTP post deployment

  1. 連線至 PEP。Connect to the PEP. 您不需要開啟支援票證來將其解除鎖定。You don't need to open a support ticket to unlock it.

  2. 執行下列命令來檢查目前設定的 NTP 伺服器。Run the following command to review the current configured NTP server.

    Get-AzsTimeSource
    
  3. 執行下列命令來更新 Azure Stack,以使用新的 NTP 伺服器並立即同步處理時間。Run the following command to update Azure Stack to use the new NTP server and to immediately synchronize the time.

    Set-AzsTimeSource -Timeserver NEWTIMESERVER -resync
    

注意

此程序不會更新實體交換器上的時間伺服器。This procedure doesn't update the time server on the physical switches.

DNSDNS

本節涵蓋如何更新 DNS 轉寄站來解析外部名稱。This section covers how to update DNS forwarders to resolve external names.

更新 Azure Stack 中的 DNS 轉寄站Update the DNS forwarder in Azure Stack

Azure Stack 基礎結構必須至少有一個可連線的 DNS 轉寄站,才能解析外部名稱。At least one reachable DNS forwarder is necessary for the Azure Stack infrastructure to resolve external names. 部署 Azure Stack 時必須提供 DNS 轉寄站。A DNS forwarder must be provided for the deployment of Azure Stack. 該輸入會用來作為 Azure Stack 內部 DNS 伺服器的轉寄站,並針對驗證、marketplace 管理或使用等服務啟用外部名稱解析。That input is used for the Azure Stack internal DNS servers as forwarder and enables external name resolution for services like authentication, marketplace management, or usage.

DNS 是可變更的重要資料中心基礎結構服務。DNS is a critical datacenter infrastructure service that can change. 如果有變更,則必須更新 Azure Stack。If it does change, Azure Stack must be updated.

本文說明如何使用 PEP 來更新 Azure Stack 中的 DNS 轉寄站。This article describes using the PEP to update the DNS forwarder in Azure Stack. 建議您使用兩個可靠的 DNS 轉寄站 IP 位址。We recommend that you use two reliable DNS forwarder IP addresses.

  1. 連線至 PEP。Connect to the PEP. 開啟支援票證,並不需要將 PEP 解除鎖定。It isn't necessary to unlock the PEP by opening a support ticket.

  2. 執行下列命令以檢閱目前設定的 DNS 轉寄站。Run the following command to review the current configured DNS forwarder. 或者,您也可以使用系統管理員入口網站的區域屬性。As an alternative, you can also use the admin portal region properties.

    Get-AzsDnsForwarder 
    
  3. 執行下列命令,將 Azure Stack 更新為使用新的 DNS 轉寄站。Run the following command to update Azure Stack to use the new DNS forwarder.

    Set-AzsDnsForwarder -IPAddress "IPAddress 1", "IPAddress 2"
    
  4. 檢查命令的輸出中是否有任何錯誤。Review the output of the command for any errors.