安裝和部署 Network Controller 準備需求Installation and Preparation Requirements for Deploying Network Controller

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

準備您的資料中心部署 Network Controller 的您可以使用此主題。You can use this topic to prepare your datacenter for Network Controller deployment.

以下是您必須先部署 Network Controller 需要安裝、 軟體和其他需求和準備步驟。Following are the installation, software, and other requirements and preparation steps you must take before deploying Network Controller.

安裝需求Installation requirements

以下是 Network Controller 的安裝需求。Following are the installation requirements for Network Controller.

  • 針對 Windows Server 2016 部署,您可以上一或多個電腦、 一或多個 Vm 或的電腦和 Vm 部署網路控制器。For Windows Server 2016 deployments, you can deploy Network Controller on one or more computers, one or more VMs, or a combination of computers and VMs. 所有 Vm 和為 Network Controller 節點計劃的電腦必須都執行 Windows Server 2016 Datacenter edition。All VMs and computers planned as Network Controller nodes must be running Windows Server 2016 Datacenter edition.

軟體需求Software requirements

網路控制器部署需要一或多個電腦或做為一部電腦與網路控制器,請 Vm VM 做為 Network Controller 的管理 client。Network Controller deployment requires one or more computers or VMs that will serve as the Network Controller, and one computer or VM to serve as a management client for Network Controller. 這些電腦或 Vm 必須執行下列作業系統。These computers or VMs must run the following operating systems.

  • 任何電腦或一樣 (VM) 時,您可以安裝 Network Controller 必須執行 Windows Server 2016 Datacenter 版本。Any computer or virtual machine (VM) upon which you install Network Controller must be running the Datacenter edition of Windows Server 2016.

  • 管理 client 電腦或網路控制器 VM 必須執行 Windows 8、 Windows 8.1 或 Windows 10。The management client computer or VM for Network Controller must be running Windows 8, Windows 8.1, or Windows 10.

額外需求Additional requirements

以下是您必須先部署 Network Controller 需要額外的步驟。Following are additional steps you must take before deploying Network Controller.

設定安全性群組Configure security groups

如果電腦或網路控制器和管理 client Vm 加入網域的設定下列安全性群組 Kerberos 驗證。If the computers or VMs for Network Controller and the management client are domain-joined, configure the following security groups for Kerberos authentication.

  • 建立安全性群組並新增所有的使用者設定 Network Controller 的權限。Create a security group and add all of the users who have permission to configure Network Controller. 例如,建立名為群組網路控制器管理員For example, create a group named Network Controller Admins. 所有的使用者,您將這個群組也必須成員網域使用者群組中 Active Directory 使用者電腦。All of the users that you add to this group must also be members of the Domain Users group in Active Directory Users and Computers.

    注意

    如需有關 Active Directory 使用者電腦中建立群組,請查看建立新的群組For more information on creating a group in Active Directory Users and Computers, see Create a new group.

  • 建立安全性群組並新增所有的使用者設定及管理網路使用 Network Controller 的權限。Create a security group and add all of the users who have permission to configure and manage the network by using Network Controller. 例如,建立新群組命名為網路控制器使用者For example, create a new group named Network Controller Users. 您新增到新群組的使用者的所有也必須成員網域使用者群組中 Active Directory 使用者電腦。All of the users that you add to the new group must also be members of the Domain Users group in Active Directory Users and Computers. 使用代表狀態傳輸 (REST) 被執行所有 Network Controller 設定及管理。All Network Controller configuration and management is performed using Representational State Transfer (REST).

視需要設定檔登入的位置Configure log file locations if needed

您可以將網路控制器偵錯登 Network Controller 的電腦上 VM 或遠端檔案共用。You can store Network Controller debug logs on the Network Controller computer or VM, or on a remote file share. 如果您想要儲存登入遠端檔案共用,請從網路控制器可以存取分享。If you want to store the logs in a remote file share, ensure that the share is accessible from the Network Controller.

設定動態 DNS 登記 Network ControllerConfigure dynamic DNS registration for Network Controller

您可以將網路控制器叢集節點在相同的子網路或其他子網路上的部署。You can deploy Network Controller cluster nodes on the same subnet or on different subnets.

注意

如果 Network Controller 節點上相同的子網路,您必須提供的網路控制器其餘 IP 位址,當您設定動態 DNS 登記 Network Controller 的。If the Network Controller nodes are on the same subnet, you must provide the Network Controller REST IP address when you configure dynamic DNS registration for Network Controller. 如果節點上不同子網路,您必須提供的網路控制器其他 DNS 名稱,當您設定動態 DNS 登記。If the nodes are on different subnets, you must provide the Network Controller REST DNS name when you configure dynamic DNS registration.

如果網路控制器節點上不同子網路,您必須執行下列 DNS 設定:If Network Controller nodes are on different subnets, you must perform the following additional DNS configuration:

  • 部署程序期間建立 Network Controller 的 DNS 名稱Create a DNS name for Network Controller during the deployment process

  • 設定 DNS 伺服器上的網路控制器 DNS 名稱 DNS 動態更新Configure DNS dynamic updates for the Network Controller DNS name on the DNS server

  • 只 Network Controller 節點僅 DNS 動態更新Restrict the DNS dynamic updates to Network Controller nodes only

您可以使用下列程序,設定 DNS 動態更新,並只名稱記錄 Network Controller 的動態更新。You can use the following procedures to configure DNS dynamic updates and to restrict dynamic updating of the Network Controller name record.

注意

資格在網域系統管理員,或相當於,才能執行這些程序最小值。Membership in Domain Admins, or equivalent, is the minimum required to perform these procedures.

若要允許 DNS 區域的動態更新To allow DNS dynamic updates for a zone

  1. 打開 DNS 管理員。Open DNS Manager.

  2. 主控台中適用的區域,以滑鼠右鍵按一下,然後按一下屬性In the console tree, right-click the applicable zone, and then click Properties. 這個區域的屬性對話方塊。The zone's Properties dialog box opens.

  3. 一般索引標籤上,確認區域類型 *主要Active Directory 整合On the **General* tab, verify that the zone type is either Primary or Active Directory-integrated.

  4. 的動態更新,確認只有安全選取。In Dynamic updates, verify that Secure only is selected. 未選取,如果變更的值動態更新僅限安全性,然後按一下 [ [確定]If it is not selected, change the value of Dynamic updates to Secure only, and then click OK.

設定 DNS Network Controller 節點區域的安全性權限To configure DNS zone security permissions for Network Controller nodes

  1. 打開 DNS 管理員。Open DNS Manager.

  2. 主控台中適用的區域,以滑鼠右鍵按一下,然後按一下屬性In the console tree, right-click the applicable zone, and then click Properties. 這個區域的屬性對話方塊。The zone's Properties dialog box opens.

  3. 按一下安全性索引標籤,然後按一下 [進階]Click the Security tab, and then click Advanced. 進階安全性設定]對話方塊。The Advanced Security Settings dialog box opens.

  4. 進階安全性設定],按一下 [新增]In Advanced Security Settings, click Add. 的權限的項目對話方塊。The Permission Entry dialog box opens.

  5. 按一下請選取主體Click Select a principal. 選擇使用者、 電腦、 或群組對話方塊。The Select User, Computer, Service Account, or Group dialog box opens.

  6. 選擇使用者、 電腦、 或群組對話方塊中,按物件類型In the Select User, Computer, Service Account, or Group dialog box, click Object Types. 物件類型對話方塊。The Object Types dialog box opens.

  7. 物件類型,請選取電腦,然後按一下 [ [確定]In Object Types, select Computers, and then click OK.

  8. 選擇使用者、 電腦、 或群組對話方塊中,輸入您的部署的其中一個節點 Network Controller NetBIOS 名稱,然後按一下 [ [確定]In the Select User, Computer, Service Account, or Group dialog box, type the NetBIOS name of one of the Network Controller nodes in your deployment, and then click OK.

  9. 的權限的項目,確保的值輸入允許的值與適用於這個物件和所有系物件In Permission Entry, ensure that the value of Type is Allow, and the value of Applies to is This object and all descendant objects.

  10. 在 [權限,選取 [寫入所有屬性Delete,,然後按一下 [ [確定]In Permissions, select Write all properties and Delete, and then click OK.

  11. 重複執行步驟5透過10的所有電腦和 Vm 中 Network Controller 叢集。Repeat steps 5 through 10 for all computers and VMs in the Network Controller cluster.

如需詳細資訊,請查看計劃軟體定義網路基礎架構For more information, see Plan a Software Defined Network Infrastructure.