CN110661670A - Network equipment configuration management method and device - Google Patents
Network equipment configuration management method and device Download PDFInfo
- Publication number
- CN110661670A CN110661670A CN201911002627.XA CN201911002627A CN110661670A CN 110661670 A CN110661670 A CN 110661670A CN 201911002627 A CN201911002627 A CN 201911002627A CN 110661670 A CN110661670 A CN 110661670A
- Authority
- CN
- China
- Prior art keywords
- configuration
- target
- target network
- template
- executable
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
- H04L41/0813—Configuration setting characterised by the conditions triggering a change of settings
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0889—Techniques to speed-up the configuration process
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Abstract
The invention provides a network equipment configuration management method and a device, which are applied to the technical field of internet, and the method and the device are characterized in that after a configuration change requirement of a target network architecture is obtained, preset network topology information of the target network architecture is called, the target network equipment related to the configuration change requirement and corresponding target configuration are determined by combining the configuration change requirement and the preset network topology information, then an executable configuration template of the target network equipment is generated based on the target configuration, and finally the target network equipment with the executable configuration template is sent to enable the target network equipment to obtain the configuration in the executable configuration template so as to complete configuration change. The invention takes the whole target network architecture as a management object, provides a corresponding executable template aiming at the target network equipment, automatically realizes the configuration change of the target network equipment, breaks through the limitation of equipment management platforms of different manufacturers, can effectively improve the efficiency of configuration management, and quickly responds to the requirement of a user on the configuration change of the network equipment.
Description
Technical Field
The invention belongs to the technical field of internet, and particularly relates to a network equipment configuration management method and device.
Background
The configuration of each network device in the network architecture needs to serve upper-layer applications, and when any new application is online or the original application needs to be functionally expanded or upgraded, the configuration of the relevant network device in the network architecture needs to be managed in cooperation with the application, for example, configuration information is added to the network device or the existing configuration information of the network device is replaced, so as to ensure normal communication of the new application.
In the actual construction process of the network architecture, a large number of network devices of different manufacturers are used, and therefore, when a new application is online or an original application is functionally expanded or upgraded, configurations of the network devices provided by different manufacturers need to be managed respectively.
Although network equipment manufacturers mostly provide their own equipment management platforms, the equipment management platforms can only perform configuration management on the network equipment of their own manufacturers, and in order to achieve the overall connectivity of the network architecture and ensure the normal use of the application, the network equipment configurations of different manufacturers still need to be manually adjusted one by one. Obviously, the execution efficiency of the network device configuration management method is low, and the agility requirement of the user on the configuration management is difficult to meet.
Disclosure of Invention
In view of the above, an object of the present invention is to provide a method and an apparatus for managing network device configuration, so as to implement unified management of network device configurations of different manufacturers in a network architecture, and improve efficiency of configuration management, so as to quickly respond to a user's requirement for a configuration change of a network device, and the specific scheme is as follows:
in a first aspect, the present invention provides a network device configuration management method, including:
acquiring a configuration change requirement of a target network architecture;
responding to the configuration change requirement, and calling preset network topology information of the target network architecture;
determining target network equipment related to the implementation of the configuration change requirement and target configuration corresponding to the target network equipment according to the configuration change requirement and the preset network topology information;
generating an executable configuration template corresponding to the target network equipment according to the target configuration;
and sending the executable configuration template to the target network equipment so that the target network equipment acquires the configuration in the executable configuration template to complete the configuration change of the target network equipment.
Optionally, the generating an executable configuration template of the target network device according to the target configuration includes:
acquiring a functional interface document of the target network equipment;
generating a dynamic configuration template according to the functional interface document;
and adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network equipment.
Optionally, the generating a dynamic configuration template according to the functional interface document includes:
analyzing the functional interface document to obtain parameters in the functional interface document and an interface format defined by the functional interface document;
and generating a dynamic configuration template which comprises the parameters and conforms to the interface format requirement.
Optionally, adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network device, where the executable configuration template includes:
and assigning values to the parameters in the dynamic configuration template according to the target configuration to obtain an executable configuration template of the target network equipment.
Optionally, the dynamic configuration template includes JinJa XML dynamic configuration template.
Optionally, the sending the executable configuration template to the target network device includes:
determining a target communication protocol supported by the target network equipment;
and issuing the executable configuration template to the target network equipment according to the target communication protocol.
Optionally, if the configuration change requirement has a change time limit, the sending the executable configuration template to the target network device includes:
acquiring system time;
and when the system time reaches the change time limit, sending the executable configuration template to the target network equipment.
Optionally, the responding to the configuration change requirement and invoking preset network topology information of a target network architecture includes:
analyzing the configuration change requirement and extracting the field content of a specified field in the configuration change requirement;
checking the field content;
if the verification is passed, calling preset network topology information of the target network architecture;
and if the verification fails, returning error prompt information.
In a second aspect, the present invention provides a network device configuration management apparatus, including:
a requirement obtaining unit, configured to obtain a configuration change requirement of a target network architecture;
the calling unit is used for calling preset network topology information of the target network architecture in response to the configuration change requirement;
a determining unit, configured to determine, according to the configuration change requirement and the preset network topology information, a target network device related to the configuration change requirement and a target configuration corresponding to the target network device;
a generating unit, configured to generate an executable configuration template corresponding to the target network device according to the target configuration;
a sending unit, configured to send the executable configuration template to the target network device, so that the target network device obtains the configuration in the executable configuration template, and completes configuration change of the target network device.
Optionally, the generating unit, when generating the executable configuration template of the target network device according to the target configuration, specifically includes:
acquiring a functional interface document of the target network equipment;
generating a dynamic configuration template according to the functional interface document;
and adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network equipment.
Based on the technical scheme, the method and the device for managing the network equipment configuration, which are provided by the invention, develop configuration management for all the network equipment in a target network architecture, call the preset network topology information of the target network architecture after acquiring the configuration change requirement of the target network architecture, determine the target network equipment related to the configuration change requirement and the corresponding target configuration in the target network architecture by combining the configuration change requirement and the preset network topology information, then generate an executable configuration template of the target network equipment based on the target configuration, and finally send the executable configuration template Chinese character target network equipment so that the target network equipment acquires the configuration in the executable configuration template to complete the configuration change of the target network equipment. The network equipment configuration management method and the network equipment configuration management device provided by the invention take the whole target network architecture as a management object, provide a corresponding executable template aiming at the target network equipment after determining the target network equipment related to the configuration change requirement, and automatically realize the configuration change of the target network equipment, and do not need to adopt the mode in the prior art, and break through the limitation of equipment management platforms of different manufacturers aiming at the configuration change of the network equipment one by one of different manufacturers, so that the efficiency of configuration management can be effectively improved, and the requirement of a user on the configuration change of the network equipment can be quickly responded.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a network device configuration management method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of the dynamic configuration template generated based on JinJa XML in the embodiment of the present invention;
fig. 3 is a block diagram of a network device configuration management apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted in advance that the control interfaces of the network device described in the embodiments of the present invention all use transaction interfaces, and the configuration of the network device is managed through the transaction interfaces, so as to ensure the security and reliability of configuration issue and ensure that the operation can be rolled back. The network device management method provided by the embodiment of the invention can be used for carrying out configuration management on network devices in network architectures such as a general traditional data center network and a local area network, wherein the general traditional data center network refers to mainstream network devices provided by network manufacturers and comprises a network system consisting of a router, a switch, a firewall and load balancing, but considering that the networking mode of the network architecture is flexible and changeable in each enterprise, the networking mode of the network architecture is not limited in the embodiment of the invention.
Referring to fig. 1, fig. 1 is a flowchart of a network device configuration management method provided in an embodiment of the present invention, where the method is applicable to a server capable of performing information interaction with a network architecture and performing centralized management on each network device in the network architecture, or other electronic devices capable of implementing corresponding functions; referring to fig. 1, a method for managing network device configuration according to an embodiment of the present invention may include:
step S100, obtaining a configuration change requirement of the target network architecture.
The configuration change requirement mentioned in the embodiment of the present invention refers to an original configuration change requirement initiated by a user, and particularly, to a standard configuration change such as a firewall policy change, a load balancing configuration change, a DNS (Domain Name System) configuration change, and the like.
The acquired configuration change requirement definitely includes the key parameters related to the change, and optionally, the change parameters can be transmitted in a JSON message format. For example, for firewall policy standard change, the key parameters include a source IP address, a destination IP address, port information transmission, and the like related to the opening policy; the load balance needs to provide service IP, port information, real server IP, port information, polling and session holding algorithm and overtime time information; the domain name DNS change needs to provide information such as domain name, IP address, etc. It should be noted that, in the embodiment of the present invention, specific contents of the key information included in the configuration change requirement are not limited, and key parameters related to initiating the configuration change requirement in the prior art are all selectable, which is not described herein again.
Optionally, for the manner of obtaining the configuration change requirement, a preset API (Application Programming Interface) may be provided for the user to call by the requirement management platform, and receive the configuration change requirement initiated by the user through the self-set requirement management platform. Further, the embodiment of the present invention further provides a webbui (web user Interface, web product Interface design) Interface, and a user accesses the webbui Interface provided in the embodiment of the present invention, and enters a configuration change requirement on the Interface or transmits a key parameter related to the change requirement in a preset manner, so as to also achieve acquisition of the configuration change requirement.
Optionally, in order to ensure that the obtained configuration change requirement is correct and effective and avoid generating an erroneous configuration change, in the embodiment of the present invention, after the configuration change requirement is obtained, the configuration change requirement is further processed and stored, including operations such as information verification and data entry, and after the processing is completed, the processing result is fed back to a user, for example, a user-provided requirement management platform.
Specifically, for the processing of the configuration change requirement, the configuration change requirement may be analyzed according to the regular expression and the custom rule, the field content of the specified field included in the configuration change requirement is extracted, and the field content is checked, for example, whether the IP address format, the domain name format, and the port information format are wrong or not is checked, and if the field content passes the check, the corresponding change record including information of the change requirement, creation time, creation personnel, change status, and the like is stored in the database. More importantly, the step of subsequently calling the preset network topology information of the target network architecture is executed under the condition that the verification is passed. If the verification fails, the error prompt information is returned to the API caller for prompting through the interface.
The verified configuration change requirement and the historical information related to the network equipment configuration can also provide a tracing service, provide query retrieval and workflow state record change for the database stored in the information, such as query services for receiving the requirement, processing state of an arrangement layer, issuing execution results of the configuration and the like, and simultaneously provide basic data services for generating reports and the like.
It should be noted that, as described above, the method provided in the embodiment of the present invention is applied to a server that is independent of a network architecture and separately performs configuration management on network devices in the network architecture, and therefore, the target network architecture described in the embodiment of the present invention is a network architecture connected to the server to which the method provided in the embodiment of the present invention is applied.
Step S110, responding to the configuration change requirement, and invoking preset network topology information of the target network architecture.
After the configuration change requirement is obtained, if a verification step for the configuration change requirement is included, after the verification is passed, the preset network topology information of the target network architecture is called.
The preset network topology information comprises the device name, IP address, manufacturer, model and the like of each network device in the target network architecture, and the firewall comprises the association relation between the firewall and a security domain and all subnet sections below the security domain; for the load balancing device, management network segment information (including a service IP network segment and a downlink server configuration network segment) of the load balancing device needs to be recorded, and the DNS device needs to record network segment address information and the like which are responsible for issuing domain names. It should be noted that the content of the preset network topology information is only an exemplary list, and is not a specific limitation on the content included in the preset network topology information, and other related network topology information may also be included in the process of implementing the network device modification, and also belong to the protection scope of the present invention without departing from the scope of the core idea of the present invention.
Optionally, the acquisition of the network topology information may be implemented in two ways. First, the recording content for the network topology and the Configuration relationship in the CMDB (Configuration Management Database) Management platform based on the user is obtained. Secondly, under the condition that a user does not have a CMDB management platform, the embodiment of the invention provides an information input platform with a preset format, and preset network topology information of a target network topology can be input through the information input platform, so that the collection of the preset network topology information is realized. It should be noted that, the information entry platform mentioned in the embodiments of the present invention may be implemented by any method in the prior art, and the specific form and entry method of the information entry platform in the present application are not limited.
Step S120, determining a target network device related to the implementation of the configuration change requirement and a target configuration corresponding to the target network device according to the configuration change requirement and the preset network topology information.
As described above, the preset network topology information includes not only the configuration information of the network devices themselves, but also the configuration relationship between the network devices, and the conditions of each network device can be accurately known through the preset network topology information, and at the same time, the overall architecture condition of the target network topology can be known. After the configuration change requirement and the preset network topology information are obtained, the target network device related to the configuration change requirement and the target configuration corresponding to the target network device can be determined through a mature algorithm in the prior art.
For example, for a firewall policy standard change, a configuration change request submitted by a user includes a source IP address, a destination IP address, and a port to be opened. After the configuration change requirement is acquired, the preset network topology information is called and calculated according to the source IP address and the target IP address in the configuration change requirement, and the required network topology information comprises the relationship between the firewall and the security domain, the relationship between the security domain and the administered network segment, and the connection relationship between the security domain and the security domain (namely, the security domains of the two firewalls cover the same network segment).
Firstly, traversing each firewall to cover own network segment through a source IP address and a destination IP address, obtaining the firewall and a security domain name directly connected with the source IP address and the destination IP address, and further continuously traversing whether other security domains of the two firewalls have a connection relation. If so, addressing ends, and if no direct connection exists, recursive addressing is required. In the recursive addressing process, firstly, other firewalls directly connected with the firewall directly and directly of the source IP address are found through the connection relation of the security domain, then whether the firewalls have the connection relation between the security domain and the firewall directly connected with the target IP address is judged in sequence, and if the connection relation is found, the addressing is finished; if the connection relation does not exist, the method needs to be continuously and recursively inquired according to the method so as to address the names of the firewall and the security domain passing through from the source IP address to the destination IP address, and generate the quintuple configuration (the source IP address, the destination IP address, the source security domain, the destination security domain and the port information) necessary for issuing the security policy.
For load balancing configuration, the configuration change requirements submitted by the user include virtual service IP resource pool information, server IP resource pool information and other personalized information, such as application type, timeout time, load balancing selection algorithm, etc. After the configuration change requirement is acquired, the preset network topology information is called to calculate according to the virtual service IP resource pool information and the server IP resource pool information in the configuration change requirement, the required preset network topology information comprises a coverage IP network segment which can provide services for the load balancing equipment, and the addressing work of the target network equipment is completed by traversing whether the IP address in the requirement information is administered by a certain load balancing equipment administration network segment or not.
Step S130, generating an executable configuration template corresponding to the target network device according to the target configuration.
As is known, for any manufacturer's network devices, there are communication protocols supported by the network devices themselves and recognizable configuration formats. In the prior art, network device manufacturers provide clients with functional interface documents, which provide a static calling example, in which not only parameters related to network device configuration but also an interface format are defined.
Optionally, after determining the target network device related to the requirement for implementing the configuration change and the target configuration corresponding to the target network device, the target configuration further needs to be converted into a configuration recognizable by the target network device. Firstly, a functional interface document of a target network device needs to be acquired, and after the corresponding interface document is acquired, the functional interface document is analyzed to acquire parameters and an interface format defined in the functional interface document. Then, a dynamic configuration template which comprises the parameters and meets the interface format requirement is generated, namely the dynamic configuration template is generated according to the functional interface document.
Optionally, referring to fig. 2, fig. 2 is a schematic diagram of generating a dynamic configuration template based on JinJa XML in the embodiment of the present invention. JinJa XML is a dynamic template configuration engine, which provides methods of variable injection, cyclic recursion, etc. to enable a program to generate a dynamic configuration template according to transmitted parameters in the process of reading the XML template. Specifically, in the conversion process, parameters related to the requirements are converted into a variable definition format of JinJa XML according to a functional interface document provided by a manufacturer, and then the dynamic configuration template can be obtained.
After the dynamic configuration template is obtained, the target configuration is added to the dynamic configuration template, and the executable configuration template of the target network device can be obtained. Specifically, according to the configuration information related in the target configuration, corresponding assignment is performed on parameters in the dynamic configuration template, so that each parameter obtains configuration information required for realizing the configuration change requirement, and further an executable configuration template of the target network device is obtained.
Optionally, in the embodiment shown in fig. 2, when a firewall policy is changed, an exemplary process of generating a configurable template is performed, that is, dynamic information variable description is performed on parameters in the vendor interface function template, such as a policy name, a source address, a destination address, a source security domain, a destination security domain, and port information. After the target configuration is obtained, the appointed JinJa dynamic configuration template can be selected according to the content of the target configuration and the corresponding target network equipment, the target configuration is dynamically filled into the JinJa dynamic configuration template, and the executable configuration template which can be identified by the target network equipment is generated.
Step S140, sending the executable configuration template to the target network device, so that the target network device obtains the configuration in the executable configuration template, and completing the configuration change of the target network device.
As mentioned above, each manufacturer's network device has its own supported communication protocol, and when sending the executable configuration template, the network device must follow the communication protocol of the target network device, so that when sending the executable configuration template to the target network device, the network device first determines the target communication protocol supported by the target network device, and then issues the executable configuration template to the target network device according to the target communication protocol, so that the target network device obtains the configuration in the executable configuration template, thereby completing the configuration change of the target network device.
It should be noted that, in the configurable template generated by the target configuration, after removing the corresponding configuration information, the configurable template also includes address information of the target network device, so that the address of the target network device is known in the process of sending the configurable template.
Optionally, in order to increase the response speed to the configuration change demand initiated by the user, the communication protocols supported by the network devices of each manufacturer in the target network architecture may be pre-stored in the preset memory, and a mapping relationship between the communication protocols and the network devices may be established. For example, transaction interfaces Netconf Over Soap and IMCRS supported by 3COM vendor equipment; the transaction interface Netconf Over SSH supported by the manufacturer equipment, the IControl reset supported by the manufacturer F5, and the general generic secure communications interface SSH are not described herein again.
Optionally, to facilitate management of processes of generating, issuing, and the like of the executable configuration, after the target configuration is obtained, the job may be generated according to the target configuration. The operation and the configuration change requirement are in a one-to-one correspondence relationship, each configuration change requirement can be correspondingly converted into an operation when being executed to the step, the operation can be understood as a control flow, the executable configuration template converted from the target configuration is limited in the control flow, and the executable configuration template is issued to the target network equipment at last, so that the whole process of configuration change is completed, and the efficient and ordered execution of the configuration change is ensured.
Optionally, in practical applications, some configuration change requirements do not need to be validated immediately, in this case, a change time limit may be set for the job, and when the system time reaches the change time limit, an issuing operation is performed, and the executable configuration template is sent to the target network device.
Optionally, the embodiment of the present invention may further provide an admission audit function for the issuing process, and perform permission audit on whether the caller initiating the configuration change request has the right to perform configuration change on the network device in the target network architecture, so as to ensure that the configuration of the target network architecture is not maliciously modified.
In summary, the network device configuration management method provided by the present invention takes the whole target network architecture as a management object, and after determining the target network device related to the configuration change requirement, provides a corresponding executable template for the target network device, and automatically implements the configuration change of the target network device, without adopting the manner in the prior art, and breaking through the limitation of device management platforms of different manufacturers for changing the configuration of network devices one by one of different manufacturers, so that the efficiency of configuration management can be effectively improved, and the requirement of a user for the configuration change of the network device can be quickly responded.
The network device configuration management apparatus provided in the embodiment of the present invention is introduced below, and the network device configuration management apparatus described below may be regarded as a functional module architecture that needs to be set in the central device to implement the network device configuration management method provided in the embodiment of the present invention; the following description may be cross-referenced with the above.
Fig. 3 is a block diagram of a network device configuration management apparatus according to an embodiment of the present invention, and referring to fig. 3, the apparatus may include:
a requirement obtaining unit 10, configured to obtain a configuration change requirement of a target network architecture;
the invoking unit 20 is configured to respond to the configuration change requirement, and invoke preset network topology information of the target network architecture;
a determining unit 30, configured to determine, according to the configuration change requirement and the preset network topology information, a target network device related to implement the configuration change requirement and a target configuration corresponding to the target network device;
a generating unit 40, configured to generate an executable configuration template corresponding to the target network device according to the target configuration;
a sending unit 50, configured to send the executable configuration template to the target network device, so that the target network device obtains the configuration in the executable configuration template, and completes configuration change of the target network device.
Optionally, the generating unit 40 is configured to, when generating the executable configuration template of the target network device according to the target configuration, specifically include:
acquiring a functional interface document of the target network equipment;
generating a dynamic configuration template according to the functional interface document;
and adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network equipment.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for network device configuration management, comprising:
acquiring a configuration change requirement of a target network architecture;
responding to the configuration change requirement, and calling preset network topology information of the target network architecture;
determining target network equipment related to the implementation of the configuration change requirement and target configuration corresponding to the target network equipment according to the configuration change requirement and the preset network topology information;
generating an executable configuration template corresponding to the target network equipment according to the target configuration;
and sending the executable configuration template to the target network equipment so that the target network equipment acquires the configuration in the executable configuration template to complete the configuration change of the target network equipment.
2. The method of claim 1, wherein generating the executable configuration template for the target network device according to the target configuration comprises:
acquiring a functional interface document of the target network equipment;
generating a dynamic configuration template according to the functional interface document;
and adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network equipment.
3. The method of claim 2, wherein the generating a dynamic configuration template from the functional interface document comprises:
analyzing the functional interface document to obtain parameters in the functional interface document and an interface format defined by the functional interface document;
and generating a dynamic configuration template which comprises the parameters and conforms to the interface format requirement.
4. The method of claim 3, wherein adding the target configuration to the dynamic configuration template to obtain an executable configuration template for the target network device comprises:
and assigning values to the parameters in the dynamic configuration template according to the target configuration to obtain an executable configuration template of the target network equipment.
5. The network device configuration management method according to any of claims 1-4, wherein the dynamic configuration template comprises a JinJa XML dynamic configuration template.
6. The network device configuration management method of claim 1, wherein the sending the executable configuration template to the target network device comprises:
determining a target communication protocol supported by the target network equipment;
and issuing the executable configuration template to the target network equipment according to the target communication protocol.
7. The network device configuration management method according to claim 1, wherein if the configuration change requirement has a change time limit, the sending the executable configuration template to the target network device comprises:
acquiring system time;
and when the system time reaches the change time limit, sending the executable configuration template to the target network equipment.
8. The method according to claim 1, wherein the invoking the preset network topology information of the target network architecture in response to the configuration change requirement comprises:
analyzing the configuration change requirement and extracting the field content of a specified field in the configuration change requirement;
checking the field content;
if the verification is passed, calling preset network topology information of the target network architecture;
and if the verification fails, returning error prompt information.
9. A network device configuration management apparatus, comprising:
a requirement obtaining unit, configured to obtain a configuration change requirement of a target network architecture;
the calling unit is used for calling preset network topology information of the target network architecture in response to the configuration change requirement;
a determining unit, configured to determine, according to the configuration change requirement and the preset network topology information, a target network device related to the configuration change requirement and a target configuration corresponding to the target network device;
a generating unit, configured to generate an executable configuration template corresponding to the target network device according to the target configuration;
a sending unit, configured to send the executable configuration template to the target network device, so that the target network device obtains the configuration in the executable configuration template, and completes configuration change of the target network device.
10. The network device configuration management apparatus according to claim 9, wherein the generating unit, when generating the executable configuration template of the target network device according to the target configuration, specifically includes:
acquiring a functional interface document of the target network equipment;
generating a dynamic configuration template according to the functional interface document;
and adding the target configuration to the dynamic configuration template to obtain an executable configuration template of the target network equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911002627.XA CN110661670A (en) | 2019-10-21 | 2019-10-21 | Network equipment configuration management method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911002627.XA CN110661670A (en) | 2019-10-21 | 2019-10-21 | Network equipment configuration management method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110661670A true CN110661670A (en) | 2020-01-07 |
Family
ID=69041453
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911002627.XA Pending CN110661670A (en) | 2019-10-21 | 2019-10-21 | Network equipment configuration management method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110661670A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112333029A (en) * | 2020-11-23 | 2021-02-05 | 网易(杭州)网络有限公司 | Network architecture configuration information generation method and device, storage medium and electronic equipment |
| CN112636953A (en) * | 2020-12-07 | 2021-04-09 | 杭州迪普科技股份有限公司 | Policy command issuing method and device and electronic equipment |
| CN112787853A (en) * | 2020-12-29 | 2021-05-11 | 中国建设银行股份有限公司 | Automatic generation method and device of network change scheme and related equipment |
| CN113114511A (en) * | 2021-04-22 | 2021-07-13 | 中国科学技术大学 | Method and device for generating port description information of network equipment |
| CN114363164A (en) * | 2021-12-27 | 2022-04-15 | 中国民航信息网络股份有限公司 | Cloud network service arrangement control method and system, storage medium and electronic equipment |
| CN114362983A (en) * | 2020-10-12 | 2022-04-15 | 中国移动通信集团江西有限公司 | Firewall policy management method and device, computer equipment and storage medium |
| CN114553691A (en) * | 2022-04-28 | 2022-05-27 | 广东电网有限责任公司东莞供电局 | Method, device and equipment for creating network configuration template and network configuration |
| CN115051918A (en) * | 2021-03-09 | 2022-09-13 | 大唐移动通信设备有限公司 | Network device control method, server, device and storage medium |
| CN116634470A (en) * | 2023-07-21 | 2023-08-22 | 深圳艾灵网络有限公司 | Robot collaborative operation method, control server and local network management server |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103501254A (en) * | 2013-10-23 | 2014-01-08 | 北京旋极信息技术股份有限公司 | Multipurpose avionics relay network topology configuration management method and multipurpose avionics relay network topology configuration management system |
| CN104753697A (en) * | 2013-12-26 | 2015-07-01 | 华为技术有限公司 | Method, equipment and system for controlling provisioning of network equipment |
| CN108092979A (en) * | 2017-12-20 | 2018-05-29 | 国家电网公司 | A kind of firewall policy processing method and processing device |
| CN108334465A (en) * | 2018-02-06 | 2018-07-27 | 深圳壹账通智能科技有限公司 | Configuration method, device, equipment and the computer readable storage medium of communication interface |
-
2019
- 2019-10-21 CN CN201911002627.XA patent/CN110661670A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103501254A (en) * | 2013-10-23 | 2014-01-08 | 北京旋极信息技术股份有限公司 | Multipurpose avionics relay network topology configuration management method and multipurpose avionics relay network topology configuration management system |
| CN104753697A (en) * | 2013-12-26 | 2015-07-01 | 华为技术有限公司 | Method, equipment and system for controlling provisioning of network equipment |
| US20170180456A1 (en) * | 2013-12-26 | 2017-06-22 | Huawei Technologies Co., Ltd. | Method, device, and system for controlling network device auto-provisioning |
| CN108092979A (en) * | 2017-12-20 | 2018-05-29 | 国家电网公司 | A kind of firewall policy processing method and processing device |
| CN108334465A (en) * | 2018-02-06 | 2018-07-27 | 深圳壹账通智能科技有限公司 | Configuration method, device, equipment and the computer readable storage medium of communication interface |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114362983A (en) * | 2020-10-12 | 2022-04-15 | 中国移动通信集团江西有限公司 | Firewall policy management method and device, computer equipment and storage medium |
| CN112333029A (en) * | 2020-11-23 | 2021-02-05 | 网易(杭州)网络有限公司 | Network architecture configuration information generation method and device, storage medium and electronic equipment |
| CN112636953A (en) * | 2020-12-07 | 2021-04-09 | 杭州迪普科技股份有限公司 | Policy command issuing method and device and electronic equipment |
| CN112787853A (en) * | 2020-12-29 | 2021-05-11 | 中国建设银行股份有限公司 | Automatic generation method and device of network change scheme and related equipment |
| CN112787853B (en) * | 2020-12-29 | 2023-01-13 | 中国建设银行股份有限公司 | Automatic generation method and device of network change scheme and related equipment |
| CN115051918A (en) * | 2021-03-09 | 2022-09-13 | 大唐移动通信设备有限公司 | Network device control method, server, device and storage medium |
| CN115051918B (en) * | 2021-03-09 | 2024-03-12 | 大唐移动通信设备有限公司 | Control method, server, device and storage medium of network equipment |
| CN113114511A (en) * | 2021-04-22 | 2021-07-13 | 中国科学技术大学 | Method and device for generating port description information of network equipment |
| CN114363164B (en) * | 2021-12-27 | 2023-09-22 | 中国民航信息网络股份有限公司 | Cloud network service arrangement control method, system, storage medium and electronic equipment |
| CN114363164A (en) * | 2021-12-27 | 2022-04-15 | 中国民航信息网络股份有限公司 | Cloud network service arrangement control method and system, storage medium and electronic equipment |
| CN114553691B (en) * | 2022-04-28 | 2022-07-29 | 广东电网有限责任公司东莞供电局 | Method, device and equipment for creating network configuration template and network configuration |
| CN114553691A (en) * | 2022-04-28 | 2022-05-27 | 广东电网有限责任公司东莞供电局 | Method, device and equipment for creating network configuration template and network configuration |
| CN116634470A (en) * | 2023-07-21 | 2023-08-22 | 深圳艾灵网络有限公司 | Robot collaborative operation method, control server and local network management server |
| CN116634470B (en) * | 2023-07-21 | 2023-11-07 | 深圳艾灵网络有限公司 | Robot collaborative operation method, control server and local network management server |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110661670A (en) | Network equipment configuration management method and device | |
| US11362986B2 (en) | Resolution of domain name requests in heterogeneous network environments | |
| CN104506510B (en) | Method and device for equipment authentication and authentication service system | |
| CA2946224C (en) | Method and apparatus for automating the building of threat models for the public cloud | |
| CN108616490A (en) | A kind of method for network access control, apparatus and system | |
| CN110708322A (en) | Method for realizing proxy service of industrial internet identification analysis system | |
| US11696110B2 (en) | Distributed, crowdsourced internet of things (IoT) discovery and identification using Block Chain | |
| US11182163B1 (en) | Customizable courses of action for responding to incidents in information technology environments | |
| CN109474508B (en) | VPN networking method, VPN networking system, VPN master node equipment and VPN master node medium | |
| CN109672680B (en) | Cross-domain login method | |
| US20090271510A1 (en) | Network state platform | |
| JP2019097133A (en) | Communication monitoring system and communication monitoring method | |
| KR100714681B1 (en) | Network managing device and method thereof | |
| US20030009541A1 (en) | Method and system for setting communication parameters on network apparatus using information recordable medium | |
| CN107094088A (en) | A kind of loiter network device identification method, device and system | |
| CN112437100A (en) | Vulnerability scanning method and related equipment | |
| CN112333289A (en) | Reverse proxy access method, device, electronic equipment and storage medium | |
| CN107995321A (en) | A kind of VPN client acts on behalf of the method and device of DNS | |
| CN108712376A (en) | A kind of verification method and device for server log | |
| CN113194099B (en) | Data proxy method and proxy server | |
| CN111901412B (en) | Data processing method and computer readable storage medium | |
| CN100450011C (en) | Device for mediating in management orders | |
| CN110392127B (en) | Network address space identification method and device | |
| CN107911496A (en) | A kind of VPN service terminal acts on behalf of the method and device of DNS | |
| CN108366136B (en) | Domain name resolution method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200107 |