Network ControllerNetwork Controller

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

新的 Windows Server 2016 中 Network Controller 提供管理、設定、監視,以及疑難排解 virtual 和實體網路基礎結構,在您的資料中心自動化打造、程式化的點。New in Windows Server 2016, Network Controller provides a centralized, programmable point of automation to manage, configure, monitor, and troubleshoot virtual and physical network infrastructure in your datacenter.

您可以使用網路控制器,請將網路基礎結構,而不是執行手動設定網路的裝置和服務的設定。Using Network Controller, you can automate the configuration of network infrastructure instead of performing manual configuration of network devices and services.

網路控制器概觀Network Controller Overview

Network Controller 高度可用和擴充伺服器角色,並且提供一個應用程式的程式設計介面,可讓與網路通訊的 Network Controller (API) 和第二個的 API,讓您與 Network Controller。Network Controller is a highly available and scalable server role, and provides one application programming interface (API) that allows Network Controller to communicate with the network, and a second API that allows you to communicate with Network Controller.

您可以部署 Network Controller 的非網域環境和網域。You can deploy Network Controller in both domain and non-domain environments. 在網域環境中,Network Controller 驗證使用者與網路的裝置使用 Kerberos;在非網域環境中,您必須部署驗證的憑證。In domain environments, Network Controller authenticates users and network devices by using Kerberos; in non-domain environments, you must deploy certificates for authentication.

重要

不要部署實體主機上的 Network Controller 伺服器角色。Do not deploy the Network Controller server role on physical hosts. 若要部署 Network Controller,您必須安裝網路控制站伺服器角色 HYPER-V 一樣上 (VM) HYPER-V 主機上安裝。To deploy Network Controller, you must install the Network Controller server role on a Hyper-V virtual machine (VM) that is installed on a Hyper-V host. 有三種不同的 Hyper\ HYPER-V 主機上 Vm 上安裝 Network Controller 之後,您必須讓 Hyper\ HYPER-V 主機的網路軟體定義 (SDN) 加到使用 Windows PowerShell 命令 Network Controller 的主機新-NetworkControllerServerAfter you have installed Network Controller on VMs on three different Hyper-V hosts, you must enable the Hyper-V hosts for Software Defined Networking (SDN) by adding the hosts to Network Controller using the Windows PowerShell command New-NetworkControllerServer. 如此一來,您會讓 SDN 軟體負載平衡器函式。By doing so, you are enabling the SDN Software Load Balancer to function. 如需詳細資訊,請查看新-NetworkControllerServerFor more information, see New-NetworkControllerServer.

Network Controller 通訊網路的裝置、服務與元件使用 Southbound API。Network Controller communicates with network devices, services, and components by using the Southbound API. Southbound api,Network Controller 可以探索網路的裝置、偵測服務設定,以及收集所有的網路所需的資訊。With the Southbound API, Network Controller can discover network devices, detect service configurations, and gather all of the information you need about the network. 此外,Southbound API 提供 Network Controller 路徑,以將資訊傳送至網路基礎結構,例如您所做的變更設定。In addition, the Southbound API gives Network Controller a pathway to send information to the network infrastructure, such as configuration changes that you have made.

網路控制器 Northbound API 為您提供從網路控制器收集網路的資訊,並使用它來監視和設定網路的能力。The Network Controller Northbound API provides you with the ability to gather network information from Network Controller and use it to monitor and configure the network.

網路控制器 Northbound API 可讓您設定、監視、的疑難排解,以及使用 Windows PowerShell、代表狀態傳輸 (REST) API 或管理應用程式的圖形使用者介面,例如 System Center 一樣 Manager 中部署網路上的新裝置。The Network Controller Northbound API allows you to configure, monitor, troubleshoot, and deploy new devices on the network by using Windows PowerShell, the Representational State Transfer (REST) API, or a management application with a graphical user interface, such as System Center Virtual Machine Manager.

注意

以其他介面係網路控制器 Northbound API。The Network Controller Northbound API is implemented as a REST interface.

您可以使用管理應用程式,例如 System Center 一樣 Manager (SCVMM) 和 System Center Operations Manager (SCOM),來管理 datacenter 網路 Network Controller 的因為 Network Controller 可讓您設定、監控計畫,及的疑難排解網路基礎結構其控制。You can manage your datacenter network with Network Controller by using management applications, such as System Center Virtual Machine Manager (SCVMM), and System Center Operations Manager (SCOM), because Network Controller allows you to configure, monitor, program, and troubleshoot the network infrastructure that is under its control.

使用 Windows PowerShell、REST API 或管理應用程式,您可以使用 Network Controller 管理下列實體和 virtual 網路基礎結構:Using Windows PowerShell, the REST API, or a management application, you can use Network Controller to manage the following physical and virtual network infrastructure:

  • HYPER-V Vm 和 virtual 切換Hyper-V VMs and virtual switches

  • Datacenter 防火牆Datacenter Firewall

  • 遠端存取服務 (RAS) Multitenant 閘道、Virtual 閘道和閘道集區Remote Access Service (RAS) Multitenant Gateways, Virtual Gateways, and gateway pools

  • 軟體負載平衡器Software Load Balancers

下圖系統管理員會直接與 Network Controller 管理工具互動。In the following illustration, an Administrator uses a Management Tool that interacts directly with Network Controller. Network Controller 提供資訊的網路基礎結構,包括 virtual 和實體基礎結構,管理工具,並可設定的變更依據使用工具時,系統管理員的動作。Network Controller provides information about the network infrastructure, including both virtual and physical infrastructure, to the Management Tool, and makes configuration changes according to the Administrator's actions when using the tool.

網路控制器概觀

如果您要部署 Network Controller 實驗室測試環境中,您可以在 HYPER-V 一樣執行 Network Controller 伺服器角色 (VM) HYPER-V 主機上安裝。If you are deploying Network Controller in a test lab environment, you can run the Network Controller server role on a Hyper-V virtual machine (VM) that is installed on a Hyper-V host.

可用性高較大的資料中心,您可以使用的三個或更多 HYPER-V 主機上已安裝的三個 Vm 部署叢集。For high availability in larger datacenters, you can deploy a cluster by using three VMs that are installed on three or more Hyper-V hosts. 如需詳細資訊,請查看網路控制器可用性For more information, see Network Controller High Availability.

網路控制器功能Network Controller Features

下列 Network Controller 功能可讓您如何設定及管理 virtual 和實體網路的裝置和服務。The following Network Controller features allow you to configure and manage virtual and physical network devices and services.

重要

網路控制器備份與還原不是在 Windows Server 2016 中目前可用。Network Controller Backup and Restore is not currently available in Windows Server 2016.

防火牆管理Firewall Management

此 Network Controller 功能可讓您設定及管理允許日拒絕存取控制免針對您的工作負載 Vm 東日西和北日南網路流量在您的資料中心。This Network Controller feature allows you to configure and manage allow/deny firewall Access Control rules for your workload VMs for both East/West and North/South network traffic in your datacenter. 免之 vSwitch 連接埠工作負載 Vm 中,讓分散在您的工作負載 datacenter 中。The firewall rules are plumbed in the vSwitch port of workload VMs, and so they are distributed across your workload in the datacenter. 使用 Northbound API,您可以定義傳入和傳出工作負載 VM 流量免。Using the Northbound API, you can define the firewall rules for both incoming and outgoing traffic from the workload VM. 您也可以設定來登入的資料傳輸已允許或拒絕規則每個防火牆規則。You can also configure each firewall rule to log the traffic that was allowed or denied by the rule.

如需詳細資訊,請查看Datacenter 防火牆概觀For more information, see Datacenter Firewall Overview.

軟體負載平衡器管理Software Load Balancer Management

此 Network Controller 功能可讓您讓多個主機相同的工作負載、可用性和延展性伺服器。This Network Controller feature allows you to enable multiple servers to host the same workload, providing high availability and scalability.

如需詳細資訊,請查看軟體負載平衡和 #40;SLB 與 #41;適用於 SDNFor more information, see Software Load Balancing (SLB) for SDN.

管理 virtual 網路Virtual Network Management

這個 Network Controller 的功能可讓您部署及設定 HYPER-V 網路模擬,包括 HYPER-V Virtual 切換和個人 Vm 上的 virtual 網路介面卡以及市集並散發 virtual 的網路原則。This Network Controller feature allows you to deploy and configure Hyper-V Network Virtualization, including the Hyper-V Virtual Switch and virtual network adapters on individual VMs, and to store and distribute virtual network policies.

Network Controller 支援網路模擬一般路由封裝 (NVGRE) 和 Virtual 最具擴充性的區域網路 (VXLAN)。Network Controller supports both Network Virtualization Generic Routing Encapsulation (NVGRE) and Virtual Extensible Local Area Network (VXLAN).

RAS 閘道管理RAS Gateway Management

此 Network Controller 功能可讓您部署、設定及管理虛擬電腦 (Vm) 提供您 tenants 閘道服務 RAS 閘道集區的成員。This Network Controller feature allows you to deploy, configure, and manage virtual machines (VMs) that are members of a RAS Gateway pool, providing gateway services to your tenants. Network Controller 可讓您將會自動部署 Vm RAS 閘道執行下列閘道功能:Network Controller allows you to automatically deploy VMs running RAS Gateway with the following gateway features:

注意

在 System Center 一樣管理員 RAS 閘道稱為 Windows 伺服器閘道。In System Center Virtual Machine Manager, RAS Gateway is named Windows Server Gateway.

  • 新增從叢集移除閘道 Vm 並指定備份所需的層級。Add and remove gateway VMs from the cluster and specify the level of backup required.

  • 網站-virtual 私人網路 (VPN) 閘道器連接遠端承租人網路和您使用 IPsec 的資料中心。Site-to-site virtual private network (VPN) gateway connectivity between remote tenant networks and your datacenter using IPsec.

  • 網站-VPN 閘道器連接遠端承租人網路和您使用一般路由封裝 (GRE) 的資料中心。Site-to-site VPN gateway connectivity between remote tenant networks and your datacenter using Generic Routing Encapsulation (GRE).

  • 層級 3 轉接功能。Layer 3 forwarding capability.

  • 邊境閘道通訊協定 (BGP) 路由,可讓您管理您 tenants' VM 網路與他們遠端網站間網路流量的路由。Border Gateway Protocol (BGP) routing, which allows you to manage the routing of network traffic between your tenants' VM networks and their remote sites.

Network Controller 可以放不同閘道房客的不同連接。Network Controller can place different connections of a tenant on separate gateways. 您可以使用單一公用 IP 的所有閘道器連接或有不同公用 Ip 的子集的連接。You can use a single public IP for all gateway connections or have different public IPs for a subset of the connections. Network Controller 登所有閘道設定和狀態變更,可用於稽核和進行疑難排解。Network Controller logs all gateway configuration and state changes, which can be used for auditing and troubleshooting purposes.

適用於 BGP 的詳細資訊,請查看邊境閘道通訊協定與 #40;BGP 和 #41;.For more information on BGP, see Border Gateway Protocol (BGP).

適用於 RAS 閘道詳細資訊,請查看適用於 SDN RAS 閘道For more information on the RAS Gateway, see RAS Gateway for SDN.

網路控制器部署選項Network Controller Deployment Options

若要使用 System Center 一樣 Manager (VMM) 部署網路控制器,請查看設定中 VMM fabric SDN Network ControllerTo deploy Network Controller by using System Center Virtual Machine Manager (VMM), see Set up an SDN Network Controller in the VMM fabric.

若要部署 Network Controller 使用指令碼,查看部署軟體定義網路基礎結構使用指令碼To deploy Network Controller using scripts, see Deploy a Software Defined Network Infrastructure Using Scripts.

若要部署使用 Windows PowerShell 網路控制器,請查看使用 Windows PowerShell 部署 Network ControllerTo deploy Network Controller using Windows PowerShell, see Deploy Network Controller using Windows PowerShell