• 佈署準備
  • 架構資訊
  • 版本資訊
• 佈署流程
• 程式架構
• 佈署步驟
  • 佈署測試環境
  • 組態基礎服務
• 參考

為了減少測試 Infoblox 佈署及組態環境的時間，參考先前使用 VMware OVFTools 和 Infoblox WAPI 的經驗，並加上 GOVC(vSphere CLI) 工具，透過撰寫 BASH 腳本檔來完成測試環境的半自動佈署任務。

佈署準備

架構資訊

根據 [Infoblox DNS 安全解決方案測試需求及說明] 內容進行 POC 環境佈署。

版本資訊

佈署流程

由於佈署程序會採用 OVFTools 及 GOVC 工具，在 OVA 佈署階段會同時完成：

1. 虛擬主機(Infoblox DNS & Reporting)佈署。
2. 配置虛擬主機網路設定。
3. 指派測試用基礎授權-NIOS,GRID,DNS/DHCP,RPZ。

   目前沒有 Threat Analytics 及 Reporting 授權的引用方式，所以無法直接完成，有點遺憾！

4. 新增 Infoblox Reporting 虛擬主機的第二顆虛擬磁碟（250GB）。
5. 調整 Infoblox Reporting 虛擬主機的記憶體大小為 32 GB。

   預設安裝為 64 GB，因為測試資源受限，故調整虛擬主機記憶體。

6. 虛擬主機網路及授權資訊確認 (透過 SSH 連線使用 NIOS CLI 執行)。
   • 確認網路配置: show network。
   • Infoblox DNS 虛擬主機指派 Threat Analytics 授權: set temp_license。
   • 確認授權配置: show license, show license gridwide 和 show license all。
7. 完成 建立叢集/配置成員/加入叢集 相關任務。
   • Infoblox Reporting 虛擬主機指派 Reporting 授權。

   Reporting 授權必須在成員加入叢集後才能進行指派。

8. 啟用服務
   • 啟用 DNS 服務
   • 建立 RPZ Feeds
   • 啟用 Threat Analytics 服務
   • 建立 Authoritative Zone (從 AD DNS 進行區域傳送)
   • 建立 Forward Zone (區域查詢轉送至指定 DNS 主機)

   Authoritative Zone 和 Forward Zone 建立，可視實際測試狀況選項配置。

9. 配置 Reporting 服務

   目前一定要手動介入才能完成的組態項目，沒有 API 相關資訊可以參考。

佈署流程圖

程式架構

主要分成佈署環境及組態服務兩大部份。根據簡單的概念撰寫以下相關部署腳本檔及安裝組態檔。

佈署步驟

佈署測試環境

直接執行主程式 00_setup_lab.sh，完成兩台 Infoblox 虛擬主機的安裝、網路配置及硬體調整。

第一階段佈署測試環境，從 vCenter 檢視工作，從執行程式開始到佈署兩台虛擬機器電源開機，大約花了 5~6 分鐘，其中自動化地完成了虛擬機器佈署、網路組態配置、硬體資源調整和基本授權指派。

組態基礎服務

接著會繼續執行 01_config_lab.sh，會根據預設腳本透過 API 方式進行，依序完成相關功能組態。

• 建立 Grid 叢集

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

• 啟用 Grid DNS 服務

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

• 指派 Threat Analytics 與 Reporting 授權 [第一次手動介入處理]

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

  這裡必須中斷用手動指派 Threat Analytics 與 Reporting 授權！目前沒有任何 API 使用資訊。

  Image Not Showing Possible Reasons

  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported

  Learn More →

執行 connect_infoblox.sh 採用 SSH 連線登入，使用 NIOS CLI 進行相關設定。

先連線至 Infoblox Reporting 虛擬機器，使用 set temp_license 指派 Reporting 授權，並使用 show license all 檢視結果。

使用 show disk 檢視報表存放空間。

再來連線 Infoblox DNS 虛擬機器，使用 set temp_license 指派 Reporting 授權，並使用 show license all 檢視結果。

繼續跟著輔助流程進行。

• 匯入 Infoblox RPZ Feed 情資

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →
  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

• 啟用 Threat Analytics 服務

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

• 建立 Authoritative Zone 和 Forward Zone

  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

• 完成 Reporting 組態 [第二次手動介入處理]
  Image Not Showing Possible Reasons

  • The image was uploaded to a note which you don't have access to
  • The note which the image was originally uploaded to has been deleted

  Learn More →

連線 Grid Manager 管理介面。可以檢視 DNS 服務和 Threat Analytics 服務已經綠燈正常運行。

點擊 Grid > Grid Manager > Reporting，再選擇右側工具列 Edit 編輯屬性。

重啟服務後確認 Reporting 服務運作狀態，也是綠燈正常運行。

對，還沒完！點選 Reporting 繼續完成 App Configuration 任務。

就是覺得重複性的畫面點擊設定很麻煩！如果也可以用 API 完成就好了？！

設定外部檔案伺服器以提供查詢匯出，由於測試不需要，就任意輸入內容完成即可。

若是後續的警報、報表需要匯出至檔案伺服器時，就要重新配置此選項。

點選 Reporting 功能，確認 Apps 選單為 Infoblox Reporting & Analytics，再點選上方 Administration > Set up 後，便可調整檔案服務器選項。

在 Reporting 功能頁，點選右上方 Settings > Alert actions，可以設定警報和報表觸發時的作動行為。

Image Not Showing Possible Reasons

• The image was uploaded to a note which you don't have access to
• The note which the image was originally uploaded to has been deleted

Learn More →

其中 File Transfer Action 功能就需要設定正確的檔案伺服器，點選右側 Setup Infoblox Reporting & Analytics 進行組態。

只不過在我的系統上點選設定後會出現 "我是傳奇"？！見

Image Not Showing Possible Reasons

• The image file may be corrupted
• The server hosting the image is unavailable
• The image path is incorrect
• The image format is not supported

Learn More →

了！暫時就用上面提供的方式進行設定吧！

Image Not Showing Possible Reasons

• The image was uploaded to a note which you don't have access to
• The note which the image was originally uploaded to has been deleted

Learn More →

回到 Reporting 頁面，應該會看到以下畫面，報告分析尚未開始所以顯示空白為正常。

設定終了，完成任務！

參考

• Infoblox REST API NIOS 8.6 (PDF)
• Infoblox WAPI documentation (https://<Infoblox_IP_Address>/wapidoc/)