Communication method, control system for software upgrade image, and storage medium

Abstract

The present application relates to a communication method, a control system for software upgrade images, and a storage medium. An example method includes receiving, by a control system for software upgrade images, respective feature data for network devices of a network; generating, by the control system and based on the feature data for the network devices, an image map that indicates, for each of a plurality of different portions of a software upgrade image, an image proxy network device selected by the control system from the plurality of network devices to store the portion based on the feature data; and outputting, by the control system, the image map to one of the plurality of network devices to cause the network device to obtain, from a corresponding image proxy network device selected by the control system, each of the plurality of different portions of the software upgrade image to store the portion.

Description

[0001] This application claims the benefit of U.S. Patent Application No. 17 / 449,530, filed September 30, 2021, the entire contents of which are incorporated herein by reference. Technical Field

[0002] This disclosure relates to computer networks, and more specifically, to the management of network devices. Background Technology

[0003] A computer network is a collection of interconnected computing devices that can exchange data and share resources. Various devices operate to facilitate communication between these computing devices. For example, a computer network may include routers, switches, gateways, firewalls, and various other devices to provide and facilitate network communication.

[0004] These network devices typically include mechanisms for configuring the device locally or remotely, such as management interfaces. By interacting with the management interface, clients can perform configuration tasks and execute operational commands to collect and view operational data from the managed device. For example, a client can configure the device's interface card, adjust parameters of supported network protocols, specify physical components within the device, modify routing information maintained by the router, access software modules and other resources residing on the device, and perform other configuration tasks. Furthermore, clients can allow users to view current operating parameters from the device, system logs, network connection-related information, network activity or other status information, and view and respond to event information received from the device.

[0005] Network configuration services can be performed by multiple different devices, such as routers with service cards and / or dedicated service devices. These services include connectivity services such as Layer 3 Virtual Private Network (L3VPN), Virtual Private Local Area Network (VPLS), and peer-to-peer (P2P) services. Other services include network configuration services such as Dot1q VLAN services. Network Management Systems (NMS) and NMS devices (also known as controllers or controller devices) can support these services, allowing administrators to easily create and manage these high-level network configuration services. Summary of the Invention

[0006] In general, this disclosure describes techniques for managing network devices. An Component Management System (EMS), also referred to herein as a control system, is configured to implement distributed software upgrade image distribution for network device upgrades. For example, the control system is configured to determine, for instance, based on characteristic data such as device parameters of the managed devices, how to segment the software upgrade image and identify subsets of managed devices to be used as image proxy devices for portions of the software upgrade image. In some examples, device parameters include the amount of available storage space on devices that can be used to store the software upgrade image or portions. The control system generates image maps indicating the allocation of different portions of the software upgrade image to be stored by the corresponding network devices. In some examples, the control system generates a device upgrade plan for the upgrade devices based on the image maps.

[0007] The technology disclosed herein can provide one or more technical advantages, offering at least one practical application. For example, the technology disclosed herein enables a control system to download a software upgrade image to a network (e.g., a data center) all at once, and then use characteristic data such as size, bandwidth, and topology-aware methods to select managed devices to host the software upgrade image. The control system creates an image map for the image host and distributes the image map to managed devices for other managed devices to pull from during the image upgrade cycle. This helps alleviate the pressure on WAN links downloading the same image from external sources and increases parallel image pulling to deliver images to all devices faster. Furthermore, the technology disclosed herein can enable the creation of policies to control retries and operating thresholds for devices undergoing upgrades to avoid bottlenecks.

[0008] In some examples, one method includes receiving corresponding feature data for network devices of a software upgrade image from a control system of the software upgrade image; after receiving the feature data, generating an image map by the control system, the image map indicating, for each of a plurality of different portions of the software upgrade image, an image proxy network device selected by the system, to store the feature data based on the portion; and outputting the image map by the control system to one of the plurality of network devices, such that the network device obtains each of the plurality of different portions of the software upgrade image from the image proxy network device selected by the control system to store the portion.

[0009] In some examples, a control system for a software upgrade image manages a group of network devices (also referred to as elements), wherein the control system includes: one or more processors; and a memory including instructions that, when executed by the one or more processors, cause the one or more processors to: receive specific feature data for network devices of the network; generate an image map based on the feature data of the network devices, the image map indicating, for each of a plurality of different portions of the software upgrade image, an image proxy network device selected by the control system from the network devices, to store the feature data portion; and output the image map to one of the plurality of network devices, such that the network device obtains each of the plurality of different portions of the software upgrade image from the corresponding image proxy network device selected by the control system, to store said portion.

[0010] In another example, the system includes: a group of network devices; and a controller device that manages the group of network devices, the controller device including: a memory including a configuration database, the configuration database including a stored group of network device configurations, wherein each stored network device configuration in the stored group of network device configurations corresponds to a network device in the group of network devices; and processing circuitry configured to: receive corresponding feature data of the network devices; generate an image map based on the feature data of the network devices, the image map indicating, for each of a plurality of different parts of a software upgrade image, an image proxy network device selected by the control system from the network devices, based on the feature data storage portion; and output the image map to one of the plurality of network devices, such that the network device obtains each of the plurality of different parts of the software upgrade image from the corresponding image proxy network device selected by the control system, for storage portion.

[0011] In another example, a computer-readable storage medium includes instructions that, when executed, cause one or more processors of a control system to: receive corresponding feature data of network devices of a network; generate an image map based on the feature data of the network devices, the image map indicating, for each of a plurality of different portions of a software upgrade image, an image proxy network device selected by the control system from the network devices, to store portions based on the feature data; and output the image map to one of the plurality of network devices, such that the network device obtains each of the plurality of different portions of the software upgrade image from the corresponding image proxy network device selected by the control system, to store portions.

[0012] Details of one or more examples are set forth in the accompanying drawings and the description below. Other features, objects, and advantages will be apparent from the specification, the drawings, and the claims. Attached Figure Description

[0013] Figure 1This is a block diagram illustrating an example of an enterprise network managed using a controller device, based on one or more technologies according to this disclosure.

[0014] Figure 2 This illustrates one or more technologies according to this disclosure for use in... Figure 1 A block diagram of an example group of components for a controller device.

[0015] Figure 3 This is a flowchart illustrating an example operation of distributed software upgrade image distribution for network device upgrades according to one or more technologies of this disclosure. Detailed Implementation

[0016] Figure 1 This is a block diagram illustrating examples of elements of an enterprise network 2 managed using a controller device 10, according to one or more technologies of this disclosure. Managed elements 14A to 14G of the enterprise network 2 (collectively, “Element 14”) include network devices interconnected via communication links to form a communication topology for exchanging resources and information. Element 14 (also referred to as a network device or remote network device) may include, for example, routers, switches, gateways, bridges, hubs, servers, firewalls or other intrusion detection systems (IDS) or intrusion prevention systems (IDP), computing devices, computing terminals, printers, other network devices, or combinations thereof. Although described in this disclosure as supporting transmission, delivery, or otherwise packet handling, the enterprise network 2 may transmit data according to any other discrete data unit defined by any other protocol, such as cells defined by the Asynchronous Transfer Mode (ATM) protocol or datagrams defined by the User Datagram Protocol (UDP). The communication link interconnection element 14 may be a physical link (e.g., optical, copper, etc.), wireless, or any combination thereof. The enterprise network 2 may include more than Figure 1 The number of components 14 is much greater than shown.

[0017] Enterprise network 2 is shown as being coupled to public network 18 (e.g., the Internet) via communication link 16. For example, public network 18 may include one or more client computing devices. Public network 18 can provide access to web servers, application servers, public databases, media servers, end-user devices, and other types of network resource devices and content. Although described in relation to an enterprise service network for illustrative purposes, the techniques disclosed herein can be applied to other types of networks, such as branch networks, data center networks, service provider networks, Internet service provider networks, or other types of networks.

[0018] Controller device 10 is communicatively coupled to component 14 via enterprise network 2. In some examples, controller device 10 forms part of a device management system, although... Figure 1This example illustrates only one device in the device management system. Controller device 10 can be directly or indirectly coupled to multiple elements 14. Once the elements 14 are deployed and activated, the administrator 12 uses controller device 10 to manage network devices using device management protocols. An example device protocol is Simple Network Management Protocol (SNMP), which allows controller device 10 to traverse and modify the Management Information Base (MIB) where configuration data is stored within each managed element 14.

[0019] In general practice, controller device 10 (also known as a network management system (NMS) or NMS device) and components 14 are centrally maintained by the enterprise's information technology (IT) team. Administrator 12 interacts with controller device 10 to remotely monitor and configure components 14. For example, administrator 12 can receive alerts about any of components 14 from controller device 10, view configuration data for components 14, modify setting data for components 14, add new network devices to enterprise network 2, remove existing network devices from enterprise network 2, or otherwise manipulate enterprise network 2 and the network devices therein. Although described in relation to enterprise networks, the techniques disclosed herein are applicable to other network types, public and private, including LANs, VLANs, VPNs, etc.

[0020] In some examples, the administrator 12 interacts directly with component 14 using controller device 10 or a local workstation, for example, via remote login, Secure Shell (SSH), or other such communication sessions. That is, component 14 is typically configured with interfaces for direct interaction, such as a command-line interface (CLI), a network-based interface, a graphical user interface (GUI), etc., through which the user can interact with the device to issue text-based commands directly. For example, these interfaces typically allow users to interact directly with the device, such as via remote login, Secure Shell (SSH), Hypertext Transfer Protocol (HTTP), or other network sessions, entering text according to a defined syntax to submit commands to the managed component. In some examples, the user initiates an SSH session 15 with a component 14 (e.g., component 14F) using controller device 10 to directly configure component 14F. In this way, the user can directly provide component 14 with commands in a format suitable for execution.

[0021] Furthermore, the administrator 12 can create scripts that can be submitted by the controller device 10 to any or all components 14. For example, in addition to the CLI interface, component 14 provides an interface for receiving scripts that specify commands according to a scripting language. In a sense, the script can be output by the controller device 10 to automatically invoke the corresponding Remote Procedure Call (RPC) on the managed component 14. The script can conform to, for example, Extensible Markup Language (XML) or another data description language.

[0022] Administrator 12 uses controller device 10 to configure element 14 to specify certain operational characteristics that further achieve administrator 12's objectives. For example, administrator 12 can specify specific operational policies for element 14 regarding security, device accessibility, traffic engineering, Quality of Service (QoS), Network Address Translation (NAT), packet filtering, packet forwarding, rate limiting, or other policies. Controller device 10 performs configuration using one or more network management protocols designed to manage configuration data within managed network element 14, such as SNMP or the Network Configuration Protocol (NETCONF) protocol or its derivatives, such as the Juniper Device Management Interface. Generally, NETCONF provides a mechanism for configuring network devices and uses Extensible Markup Language (XML)-based data encoding for configuration data, which may include policy data. NETCONF is described in Enns, “NETCONF Configuration Protocol,” Network Working Group, RFC 4741, December 2006, available at tools.ietf.org / html / rfc4741. Controller device 10 can establish network configuration sessions with one or more elements 14.

[0023] Controller device 10 can be configured to accept high-level configuration data or intents from administrator 12 (which can be represented as structured input parameters, e.g., according to Bjorklund, “YANG—A Data Modeling Language for the Network Configuration Protocol (NETCONF)”, Internet Engineering Task Force, RFC 6020, October 2010, available at tools.ietf.org / html / rfc6020). Controller device 10 can also be configured to output corresponding low-level device configuration datasets, such as device configuration additions, modifications, and removals.

[0024] In some examples, controller device 10 may use YANG modeling for both the intent data model and the low-level device configuration model. This data may contain relationships across YANG entities, such as list items and containers. In some examples, controller device 10 may convert the YANG data model into a database model and convert YANG validation into data validation.

[0025] The controller device 10 can receive data from the administrator 12 representing any or all creation, update, and / or deletion actions related to the intent data model. The controller device 10 can be configured to use the same compilation logic for each creation, update, and deletion applied to the graphical model.

[0026] To upgrade a network device, such as element 14, the first step is to pull the image required for the upgrade. This disclosure differs from methods where only a centralized device hosts the software upgrade image based on a field-partition or Software-as-a-Service (SaaS) management solution, where the image to be upgraded is stored in a centralized server and accessed via a public link. For data center scenarios with a large number of devices pulling simultaneously, the centralized approach can become a bottleneck, resulting in longer maintenance windows. Furthermore, if the image is being pulled over a WAN network, this process can be very time-consuming, depending on the speed and number of simultaneous pulls. This disclosure proposes an image distribution method to avoid multiple network devices (e.g., element 14) simultaneously pulling software upgrade images, which could lead to network or server congestion hosting the images.

[0027] In some examples of the technology according to this disclosure, controller device 10 may receive, for example, an upgrade request 11 from an administrator or other user. Upgrade request 11 may include, for example, a command indicating an intention to upgrade the software of element 14 from software version "A" to a newer or more recent software version "B". The software of element 14 may include an image. An image is a serialized copy of a computer system state stored in some non-volatile form (such as a file). Upgrade request 11 may indicate a software upgrade image for upgrading element 14 to the newer software version "B".

[0028] In response to receiving upgrade request 11, controller device 10 is configured to determine, for example, based on device parameters of element 14, how to segment the software upgrade image and identify a subset of element 14 to be used as image proxy devices. In some examples, controller device 10 selects half (fifty percent) of element 14 as image proxy devices. In some examples, device parameters of element 14 include the amount of storage space available on element 14 that can be used to store the software upgrade image. Controller device 10 generates an image map indicating the allocation of different portions of the software upgrade image to be stored by the corresponding network devices of the selected element 14. In some examples, controller device 10 generates a device upgrade plan for upgrading element 14 based on the image map.

[0029] For example, controller device 10 can determine the topology of network 2, determine device parameters associated with one or more elements 14, and generate a topology graph to represent the network topology and device parameters. Controller device 10 can compute an optimization algorithm on the topology graph to generate an image mapping and device upgrade plan that attempts to use a subset of the elements 14 to be upgraded as image proxy devices to efficiently upgrade the elements 14 to be upgraded.

[0030] In some examples, controller device 10 selects one or more elements 14 as image proxy devices for storing corresponding portions of a software upgrade image, with the elements 14 being selected from a group of network devices to be upgraded. Controller device 10 generates an image map indicating the allocation of different portions of the software upgrade image to be stored by the corresponding network devices of the selected one or more network devices. Controller device 10 sends the image map to each element 14. Based on the image map, controller device 10 sends portions of the software upgrade image to the corresponding element 14 assigned as the image proxy network device. In some examples, the element 14 assigned as the image proxy network device is configured to request the allocation portion of the software upgrade image from controller device 10 in response to receiving the image map, and controller device 10 sends the allocation portion in response to the request. Controller device 10 then instructs the group of network devices to initiate the upgrade process based on the image map.

[0031] In general, controllers such as controller device 10 use a hierarchical data model for intents, low-level data models, and resources. The hierarchical data model can be based on YANG or YAML. As mentioned above, the hierarchical data model can be represented as a graph. Modern systems support intents that simplify network management. Intents are declarative. To achieve an intent, controller device 10 attempts to select the optimal resource. The client environment can be configured to allow clients (e.g., administrator 12) to control intent implementation and ensure programmed intents are implemented. In some examples, controller device 10 can construct a graphical data model by querying element 14 to determine the resources provided by element 14, but element 14 can also be queried to determine specific characteristic data, which includes resource information matching each resource type provided by element 14. Resource types may include, for example, forwarding tables, routing tables, network access policies (e.g., access for specific users, firewall policies, etc.), memory or other storage availability, or other such resources.

[0032] In some examples, controller device 10 may receive messages indicating feature data from elements of element 14 (e.g., element 14A), such as the amount of available storage space available for storing the software upgrade image at element 14A. In some examples, to retrieve information (or other feature data) indicating the available storage capacity of element 14A, controller device 10 may output a request for the available storage capacity of element 14A to element 14A. In response to this message, controller device 10 may receive information indicating the available storage capacity of element 14A from element 14A. Controller device 10 partially distributes the software upgrade image to a subset of elements of 14, and elements of 14 requiring an upgrade may pull from the subset of elements and perform the required upgrade. Controller device 10 achieves this by receiving corresponding feature data for the network elements; an image map is generated based on the feature data of the network elements, the image map indicating, for each of several different portions of the software upgrade image, an image agent network element selected by the control system from the network elements, based on the feature data storage portion. The controller device 10 outputs an image mapping to each element 14 being upgraded, such that the element obtains each of the multiple different parts of the software upgrade image from the corresponding image agent network device selected by the control system, and stores that part.

[0033] Devices such as element 14, falling within the same local network, are considered for image distribution to reduce the load on external communication, reduce the number of hops to acquire the image, and reduce latency. For storing image portions, the device's default storage system is used to avoid additional overhead or changes to the device infrastructure. The software upgrade image can be a complete device software upgrade image, or an upgrade image of one or more software components of the device. Assume there are 50 devices in the local network, and the image size is 2GB. The default source can always be set to the controller device, such as controller device 10, to allow for rollbacks for any issues during retrieval within the network or from any group of local devices. Since the image is also segmented at controller device 10, this helps minimize network usage, as element 14 will only pull the required portion. In some examples, if the image size can be accommodated in the free space of element 14, the software upgrade image can be used at its full size without needing to be segmented. The image portions can be uniform or non-uniform, depending on the free space on the device. This free size will be considered after reducing the size of the complete image that will be used for the actual upgrade. In some examples, the logic can be implemented as part of an existing daemon / service in the system.

[0034] To segment images and stitch the parts together, a simple library function can be written in some examples. Furthermore, to pull images from a central or local device instead of using SCP / FTP, daemons can invoke a central connection or establish connections to transfer images between each other. This can help reduce the overhead of new services generated within the device.

[0035] Furthermore, in the case of “green areas”, if the device may not yet be configured to access the internet immediately upon being plugged in, the method described herein for locally distributing software upgrade images would be useful.

[0036] The technology disclosed herein enables controller device 10 to download software upgrade images to network 2 (e.g., a data center) all at once, and then use characteristic data, such as size, bandwidth, and topology-aware methods, to select managed devices (element 14) to host the software upgrade images. Controller device 10 creates image maps for the image proxy devices and distributes these maps to the managed devices for other managed devices to pull from during the image upgrade cycle. This helps reduce the pressure on WAN links downloading the same images from external sources and increases parallel image pulling for faster image delivery to all devices. Furthermore, the technology disclosed herein allows for the creation of policies on controller device 10 to control retries and operating thresholds for devices undergoing upgrades, thereby avoiding bottlenecks.

[0037] Figure 2 This illustrates one or more technologies according to this disclosure. Figure 1 A block diagram of an example component group of the controller device 10. In this example, the controller device 10 includes a control unit 22, a network interface 34, a user interface 36, and a memory 40. The control unit 22 includes a management module 24, a network interface module 32, and a user interface module 38. The management module 24 includes a configuration module 26, a translation module 28, and a device upgrade management module 30. The memory 40 includes an upgrade image 42, translation functions 44, and a configuration database 46.

[0038] Control unit 22 refers to any combination of hardware, software, and / or firmware used to implement the functions belonging to control unit 22 and its constituent modules and elements. When control unit 22 includes software or firmware, control unit 22 also includes any necessary hardware for storing and executing the software or firmware, such as one or more processors or processing units. Typically, processing units may include one or more microprocessors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or any other equivalent integrated or discrete logic circuits, and any combination of these components. Furthermore, processing units are typically implemented using fixed and / or programmable logic circuits.

[0039] Network interface 34 indicates that the controller device 10 can be communicatively coupled to an external device (e.g., Figure 1 Example interface of one of element 14. Network interface 34 may represent a wireless and / or wired interface, such as an Ethernet interface or a radio configured to communicate according to a wireless standard, such as one or more of the IEEE 802.11 wireless network protocols (e.g., 802.11a / b / g / n or other such wireless protocols). In various examples, controller device 10 may include multiple network interfaces, although only one network interface is shown for illustrative purposes.

[0040] User interface 36 represents one or more interfaces, such as user (e.g., administrator 12). Figure 1 The user interface 36 interacts with the controller device 10 through this interface, for example, by providing input and receiving output. For example, the user interface 36 may represent one or more of a monitor, keyboard, mouse, touchscreen, touchpad, trackpad, speaker, camera, microphone, etc. Furthermore, although the controller device 10 includes a user interface in this example, the administrator 12 does not need to interact directly with the controller device 10, but can access the controller device 10 remotely, for example, via network interface 34.

[0041] Memory 40 may be configured to store information within controller device 10 during operation. Memory 40 may include a computer-readable storage medium or a computer-readable storage device. In some examples, memory 40 includes one or more of short-term memory or long-term memory. Memory 40 may include, for example, random access memory (RAM), dynamic random access memory (DRAM), static random access memory, magnetic disk, optical disk, flash memory, or electrically programmable memory (EPROM) or electrically erasable programmable memory (EEPROM). In some examples, memory 40 is used to store program instructions executed by controller device 10. Software or applications running on controller device 10 may use memory 40 to temporarily store information during program execution.

[0042] In this example, control unit 22 includes management module 24, network interface module 32, and user interface module 38. Control unit 22 executes user interface module 38 to receive input from user interface 36 and / or provide output to user interface 36. Control unit 22 also executes network interface module 32 to send and receive data (e.g., data packets) via network interface 34. Management module 24, network interface module 32, and user interface module 38 can again be implemented as corresponding hardware units, or as software or firmware, or a combination thereof.

[0043] Control unit 22 executes management module 24 to manage various network devices, such as Figure 1Component 14. Management includes, for example, based on data from the user (e.g., ... Figure 1 The administrator 12 receives instructions to configure network devices and provides users with the ability to submit instructions for configuring network devices. In this example, the management module 24 also includes a configuration module 26 and a translation module 28.

[0044] Management module 24 is configured to receive intents (e.g., high-level configuration instructions) for managed network device groups from users (such as administrator 12). Over time, users can update configuration instructions, for example, by adding new services, deleting existing services, or modifying existing services performed by managed devices. Intents can be constructed based on, for example, YANG.

[0045] The memory 40 includes a configuration database 46. The configuration database 46 typically includes information describing the managed network device (e.g., element 14). For example, the configuration database 46 may include indications such as device identifiers (e.g., Media Access Control (MAC) and / or Internet Protocol (IP) addresses), device type, device vendor, device category (e.g., router, switch, bridge, hub, etc.). The configuration database 46 also stores device-level configuration information based on the intent of the managed device (e.g., element 14) (e.g., high-level configuration information, or in some cases, high-level and low-level configuration information). The configuration database 46 may store configuration information corresponding to each element of element 14, allowing the management module 24 to access configurations for any one or more elements of element 14. For example, the management module 24 may access configuration information corresponding to configurations pushed to element 14C by the controller device 10. Furthermore, the configuration database 46 may store information including storage capacity collected periodically from element 14.

[0046] Translation module 28 determines which devices are managed using configuration database 46. Based on information from configuration database 46, such as which devices will receive low-level configuration instructions, translation module 28 determines which translation functions 44 to execute on the high-level configuration instructions. Translation module 28 then executes each determined translation function 44, providing the high-level configuration instructions as input and receiving the low-level configuration instructions. Conversion module 28 can then provide the low-level configuration instructions to configuration module 26. In some examples, conversion module 26 can receive an intent corresponding to a high-level configuration and convert the high-level configuration into a set of low-level configurations, each low-level configuration corresponding to a corresponding element of element 14; conversion module 26 can receive an intent corresponding to one of element 14 and convert that intent into a low-level configuration corresponding to the corresponding element.

[0047] After receiving a low-level configuration instruction from the conversion module 28, the configuration module 26 sends the low-level configuration instruction to the corresponding managed network device (e.g., element 14) via the network interface module 32, and the configuration of the network device will be updated. The network interface 34 forwards the low-level configuration instruction to the corresponding network device.

[0048] In response to receiving upgrade request 11, configuration module 26 stores the data from the request in configuration database 46. Device upgrade management module 30 downloads the upgrade image from the WAN link and stores it in upgrade image 42. Device update management module 30 generates image 42 based on feature data received from network element 14, such as device data and topology data, or one or more of these. Device data may include information about available storage on the device for storing the upgrade image or portions thereof. Device upgrade management module 30 partitions the image into portions comprising serialized data divided into ordered parts.

[0049] The configuration database 46 may also include upgrade completion status information. When the device upgrade management module 30 receives a message from the component 14 being upgraded that the component 14 has received all parts of the software upgrade image, stitched the image parts together, and completed its upgrade, the device upgrade management unit 30 updates the upgrade completion status information.

[0050] When multiple network devices are selected as image proxy devices, in some examples, the device upgrade management module 30 can generate an image map by assigning each portion of the software upgrade image to multiple network devices among the multiple network devices. In this example, if a previous attempt fails, the image map contains a list of multiple network devices in the order in which the group of network devices to be upgraded should attempt to download portions of the software upgrade image.

[0051] Although user interface 36 is described as allowing administrator 12 (for illustrative purposes) Figure 1 The controller device 10 interacts with the controller device 10, but other interfaces can be used in other examples. For example, the controller device 10 may include a representative state transition (REST) ​​client (not shown), which can act as an interface to another device through which the administrator 12 configures the controller device 10. Similarly, the administrator 12 can configure the element 14 by interacting with the controller device 10 through the REST client.

[0052] The controller device 10 will also represent the signal generated by element 14 ( Figure 1The data for the resources provided are stored in the configuration database 46. These resources may include, for example, tables for network services, hardware and / or software units, and components 14. Therefore, these resources may include, for example, network tunnels (such as Label Switched Paths (LSPs)), Virtual Private Networks (VPNs), Virtual Routing and Forwarding (VRF) tables, hardware interfaces, logical interfaces, storage space, etc. The controller device 10 may be configured with scripts, and the administrator 12 ( Figure 1 This script can be used to program various resources. A script can contain resource definition groups, resource discovery rules, and resource merging strategies.

[0053] In some examples, management module 24 is configured to receive a high-level intent file corresponding to the expected configuration of one or more elements of element 14. The high-level intent file may represent a high-level configuration. As used herein, the term "high-level configuration" refers to a configuration that can be programmed and / or modified by a user. A "low-level configuration" may refer to a network device, such as element 14, being configured to process and implement [something]. A conversion module may use conversion function 44 to convert the high-level configuration to one or more low-level configurations, where each of the one or more low-level configurations corresponds to one element of element 14. Conversion module 28 may send one or more low-level configurations to configuration module 26.

[0054] The device upgrade management module 30 selects one or more network devices as corresponding portions of one or more image proxy devices for storing software upgrade images. These devices are selected from a group of network devices to be upgraded. For example, the device upgrade management module 30 selects devices capable of accommodating the image portion size to store the image portion; these devices are called image proxy network devices. The device upgrade management module 30 then initializes the images in the network. The device upgrade management module 30 triggers an image upgrade sequence to the devices. Each device pulls a portion of the image from the image proxy device according to the image mapping 43 and stitches these portions together to create a complete image. Once all devices have a complete image and have signaled to the controller device 10 that they have a complete image, the device upgrade management module 30 triggers an upgrade command on the device.

[0055] As an example, the following are the steps taken to distribute an image in the example above: selecting a device for storing a portion of the image. Example method to achieve this:

[0056] 1) Select the device to be upgraded on the management system (n).

[0057] 2) Select n / 2 devices that have the most space and can access all other devices selected for upgrade.

[0058] 3) Partial calculation (can be a partial image or the complete image):

[0059] 4) The smallest available size in the selected device from step 2 will be used as the portion size of the image. Use this value as ImageSize / PortionSize to calculate the number of portions.

[0060] 5) If the free space size is the same as the image size, there is no need to divide the image into multiple parts; instead, the entire image can be used as a single unit.

[0061] 6) Topology awareness can be used for this device selection. For example, a device located near the gateway or the gateway itself can be preferred as an image proxy device to avoid blocking the devices below from performing initial image distribution.

[0062] 7) Create an empty mapping / table containing pointers to the default pull options for pulling from the controller device.

[0063] 8) Create a separate initialization table that stores a list of image proxy devices and the portion of the image that each device will store.

[0064] For example, out of 50 devices, 25 devices are selected as image proxy devices.

[0065] Example 1: Assuming the minimum available size is the same as the image size, the controller device will maintain a list of image proxy devices that store the image. Table 1 is an example initialization table for image mapping in Example 1.

[0066] Some details Device Part 1 – (Start and end indices of the image) D1, D5, D9, D13, D17, D21

[0067] Table 1

[0068] Example 2: Assume the minimum free dimension available on the device is 500M.

[0069] Number of image parts = 2G / 500M = 4 [Dividing 25 parts into 4 parts is not even, therefore 24 devices are used]. Table 2 is an example initialization table for image mapping in Example 2.

[0070] Some details Device Part 1 – (Start and end indices of the portion in the image) D1, D5, D9, D13, D17, D21 Part 2 – (Start and end indices of the portion in the image) D2, D6, D10, D14, D18, D22 Part 3 – (Start and end indices of the portion in the image) D3, D7, D11, D15, D19, D23 Part 4 – (Start and end indices of the portion in the image) D4, D8, D12, D16, D20, D24

[0071] Table 2

[0072] In this way, generating an image map may include assigning each part of the software upgrade image to multiple network devices among multiple network devices, and if previous attempts have failed, the image map contains a list of multiple network devices in the order in which the group of network devices to be upgraded should attempt to download the parts of the software upgrade image.

[0073] To initialize images in a network, you can use the following example method.

[0074] 1) Based on the default table discussed above, the notification device pulls a specific portion of the image in the following format.

[0075] 2) Select the initial device to send the image:

[0076] a) If the image is not segmented, first send a signal to the initial device to retrieve the image.

[0077] b) In the case of image segmentation, the initial devices D1, D2, D3 and D4 are first notified by signal to retrieve the image.

[0078] 3) Once these devices confirm successful retrieval, the remaining image proxy devices will be triggered in parallel.

[0079] a) For an image without slices (Example 1 above), all other devices simply receive a list of devices from which to pull the image.

[0080] b) These devices receive the following response from the controller device, and based on this response, the remaining devices in Table 2 will pull from the device in parallel.

[0081] c) The controller device 10 will respond with the image mapping of the portion of the image and the device that manages the portion of the image.

[0082] Example: For point 3b above: Devices D5 to D24 will pull from devices D1 to D4 in parallel, as shown in Table 3.

[0083] Some details Device Part 1 – (Start and end indices of the portion in the image) D1 Part 2 – (Start and end indices of the portion in the image) D2 Part 3 – (Start and end indices of the portion in the image) D3 Part 4 – (Start and end indices of the portion in the image) D4

[0084] Table 3

[0085] The device upgrade management module 30 extends the complete image to all devices, for example, through the following process: Once all image agent devices have the image portion, all devices selected for upgrade receive a signal to pull the image portion. The pull command triggered on the device contacts a central server (e.g., controller device 10). Controller device 10 responds with the image portion's image mapping and the device hosting the portion of the image. For example, one of the data in Table 2 will be shared with all devices. The triggered device then pulls the image portion from the mapped devices (the number of portions can be 1 if the triggered device is processing the complete image). If the image pull fails (e.g., pulling an image portion or pulling the complete image), the triggered device attempts to pull the image portion or the complete image from the next device in the list.

[0086] Example of a control policy configurable on element 14: If pulling from a device fails, a policy can be defined to retry N times. If all retries fail, the device attempting to pull an image or image portion may fall back to the central server storing the software upgrade image (which may be different from or the same as controller device 10). In some examples, the number of parallel pulls can be controlled by a threshold of the device. For example, if a new incoming pull request increases the system threshold by 50% in terms of CPU and memory usage, the request will be rejected. The following process outlines the typical flow of a device pulling an image or image portion: 1. Request an image from controller device 10 or the central server. Receive an image map from controller device 10. For image portions that have not yet been pulled, do the following: For all image agent devices on the list, pull the image portion from the first image agent device listed on the image map. If the image portion pull is unsuccessful, proceed to the next image agent hosted on the list that specifies that particular image portion. Continue until the image portion is successfully pulled. However, if there are no more image agent devices in the list and no more retries are available, pull from the central server as a backup. Trigger the image upgrade sequence for all devices. Once all devices have images and the notification center confirms that all images are complete, an upgrade command will be triggered on the devices.

[0087] Figure 3 This is a flowchart illustrating an example operation of a control system for distributed software upgrade image distribution for network device upgrades according to one or more technologies of this disclosure. For convenience, refer to... Figure 1 and Figure 2 The controller device 10 and the element 14 are described as follows Figure 3 .However, Figure 3 The technology can be performed by different components of the controller device 10 and element 14 or by additional or alternative devices.

[0088] exist Figure 3In the example, controller device 10 receives corresponding characteristic data (305) of network devices in the network. The network can be, for example, an enterprise network, branch network, data center network, service provider network, internet service provider network, or other networks. The characteristic data of the network devices (elements) may include, for example, one or more pieces of information relating to the network topology, the distance from the network device to a location storing a complete image or a portion of an image, and the amount of available data storage space on the network device. In some examples, controller device 10 considers the distance from a given network device to other network devices when selecting an image proxy network device. Controller device 10 may generate an image map based on the characteristic data of the network devices, which indicates, for each of several different portions of a software upgrade image, an image proxy network device selected by the control system from the network devices to store that portion based on the characteristic data (310). Controller device 10 outputs the image map to an element of element 14, causing that element to obtain each of several different portions of the software upgrade image from the corresponding image proxy network device selected by controller device 10 to store that portion (315).

[0089] In some examples, controller device 10 instructs network devices in a group of network devices to be upgraded to initiate an upgrade process that obtains a portion of an upgrade image based on an image map. In some examples, the software upgrade image is used to upgrade software components that will be performed by the network devices. In some examples, generating the image map involves assigning each portion of the software upgrade image to multiple network devices among multiple network devices; the image map contains a list of multiple network devices, and if previous attempts have failed, it contains a list of multiple network devices in the order in which the group of network devices to be upgraded should attempt to download portions of the software upgrade image. In some examples, generating the image map involves selecting a predetermined percentage of network devices as image proxy network devices (e.g., 50% (half), 25%, 75%, one-third, or another predetermined portion); controller device 10 stores the predetermined percentage instruction received via configuration module 26 in configuration database 46; prior to generating the image map, controller device 10 identifies the network devices to be upgraded from among the multiple network devices managed by controller device 10. For example, in a set of elements 14, controller device 14 identifies a subset of network devices to be upgraded before generating the image map.

[0090] The techniques described in this disclosure can be implemented, at least in part, in hardware, software, firmware, or any combination thereof. For example, various aspects of the techniques can be implemented within one or more processors, including one or more microprocessors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or any other equivalent integrated or discrete logic circuitry, and any combination of these components. The terms "processor" or "processing circuitry" can generally refer to any of the aforementioned logic circuitry, alone or in combination with other logic circuitry, or any other equivalent circuitry. A control unit, including hardware, can also perform one or more of the techniques disclosed herein.

[0091] Such hardware, software, and firmware may be implemented within the same device or in separate devices to support the various operations and functions described in this disclosure. Furthermore, any of the described units, modules, or components may be implemented together or separately as discrete but interoperable logical devices. Describing different features as modules or units is intended to highlight different functional aspects and does not necessarily mean that these modules or units must be implemented by separate hardware or software components. Rather, the functionality associated with one or more modules or units may be performed by separate hardware or software components, or integrated within common or separate hardware or software components.

[0092] The techniques described in this disclosure can also be implemented or encoded in a computer-readable medium (e.g., a computer-readable storage medium) containing instructions. Instructions embedded or encoded in a computer-readable medium can cause a programmable processor or other processor to perform the method, for example, when executing the instructions. Computer-readable media can include non-transitory computer-readable storage media and transient communication media. Tangible and non-transitory computer-readable storage media can include random access memory (RAM), read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), flash memory, hard disk, CD-ROM, floppy disk, magnetic tape, magnetic media, or other computer-readable storage media. The term "computer-readable storage medium" refers to a physical storage medium, not a signal, carrier, or other transient medium.

[0093] Various examples have been described. These and other instances are within the scope of the following claims.

Claims

1. A communication method, comprising: The control system for software upgrade images receives corresponding feature data from multiple network devices used in the network. The control system generates an image map based on the feature data for the plurality of network devices, the image map indicating, for each of a plurality of different portions of the software upgrade image, an image proxy network device selected by the control system from the plurality of network devices to store the portion based on the feature data; The control system distributes each of the plurality of different portions of the software upgrade image to a corresponding image proxy network device indicated by the image mapping; as well as The control system maps and outputs the image to one of the plurality of network devices, such that the network device obtains each of the plurality of different parts of the software upgrade image from the corresponding image proxy network device selected by the control system, and stores the parts.

2. The method according to claim 1, further comprising: The control system instructs the network devices in the group of multiple network devices to be upgraded to initiate an upgrade process, the upgrade process obtaining multiple portions of the upgrade image based on the image mapping.

3. The method according to claim 1, wherein, The software upgrade image is used to upgrade software components that will be executed by the network device.

4. The method according to any one of claims 1 to 3, wherein, Generating the image map includes assigning each portion of the software upgrade image to a plurality of network devices, the image map comprising a list of the plurality of network devices ordered in the order in which the group of the plurality of network devices to be upgraded should attempt to download the portion of the software upgrade image in the event of a previous failure.

5. The method according to any one of claims 1 to 3, wherein, Generating the image map includes generating the image map based on at least one of the feature data selected from the following list: the topology of the network, the distance from the plurality of network devices to the location storing the software upgrade image, and the amount of available data storage space on the plurality of network devices.

6. The method according to any one of claims 1 to 3, wherein, Generating the image map includes selecting a predetermined ratio of the plurality of network devices to be used as image proxy network devices, wherein the control system stores an indication of the predetermined ratio received via configuration information.

7. The method according to claim 6, wherein, The predetermined proportion of the plurality of network devices includes selecting half of the plurality of network devices to be used as image proxy devices.

8. The method according to any one of claims 1 to 3, further comprising, prior to generating the image map, the control system identifying the plurality of network devices as a plurality of network devices to be upgraded from a plurality of network devices managed by the control system.

9. A control system for software upgrade images, the control system comprising: One or more processors; as well as The memory includes instructions, which, when executed by the one or more processors, cause the one or more processors to: Receive corresponding characteristic data from multiple network devices used in the network; An image map is generated based on the feature data for the plurality of network devices, the image map indicating, for each of a plurality of different portions of the software upgrade image, an image proxy network device selected by the control system from the plurality of network devices to store the portion based on the feature data; Distribute each of the plurality of different portions of the software upgrade image to a corresponding image proxy network device indicated by the image mapping; as well as The image is mapped and output to one of the plurality of network devices, such that the network device obtains each of the plurality of different portions of the software upgrade image from a corresponding image proxy network device selected by the control system, and stores the portions.

10. The control system according to claim 9, wherein, The memory also includes instructions that, when executed by the one or more processors, cause the one or more processors to: instruct a network device in the group of the plurality of network devices to be upgraded to initiate an upgrade process, the upgrade process obtaining a plurality of portions of the upgrade image based on the image mapping.

11. The control system according to claim 9, wherein, The software upgrade image is used to upgrade software components that will be executed by the network device.

12. The control system according to any one of claims 9 to 11, wherein, Generating the image map includes assigning each portion of the software upgrade image to a plurality of network devices, the image map comprising a list of the plurality of network devices ordered in the order in which the group of the plurality of network devices to be upgraded should attempt to download the portion of the software upgrade image in the event of a previous failure.

13. The control system according to any one of claims 9 to 11, wherein, The feature data is selected from the following list: the topology of the network, the distance from the plurality of network devices to the location storing the software upgrade image, and the amount of available data storage space on the plurality of network devices.

14. The control system according to any one of claims 9 to 11, wherein, Generating the image map includes selecting a predetermined ratio of the plurality of network devices to be used as image proxy network devices, wherein the control system stores an indication of the predetermined ratio received via configuration information.

15. The control system according to claim 14, wherein, The predetermined proportion of the network devices includes selecting half of the plurality of network devices to be used as image proxy devices.

16. The control system according to any one of claims 9 to 11, wherein, The memory also includes instructions that, when executed by the one or more processors, cause the one or more processors to: identify the plurality of network devices as network devices to be upgraded from a plurality of network devices managed by the control system before generating the image map.

17. A computer-readable storage medium including instructions that, when executed, cause one or more processors of a control system to: Receive relevant characteristic data from multiple network devices used in the network; An image map is generated based on the feature data for the plurality of network devices, the image map indicating, for each of a plurality of different portions of a software upgrade image, an image proxy network device selected by the control system from the plurality of network devices to store the portion based on the feature data; Distribute each of the plurality of different portions of the software upgrade image to a corresponding image proxy network device indicated by the image mapping; as well as The image is mapped and output to one of the plurality of network devices, such that the network device obtains each of the plurality of different portions of the software upgrade image from a corresponding image proxy network device selected by the control system, and stores the portions.

18. The computer-readable storage medium of claim 17, further comprising instructions that, when executed, cause one or more processors of the control system to: instruct a network device in the group of the plurality of network devices to be upgraded to initiate an upgrade process, the upgrade process obtaining a plurality of portions of the upgrade image based on the image mapping.

19. The computer-readable storage medium according to claim 17, wherein, The instructions configure the processor to assign each portion of the software upgrade image to a plurality of network devices, the image map comprising a list of the plurality of network devices ordered in the order in which the group of network devices to be upgraded should attempt to download the portion of the software upgrade image in the event of a previous failed attempt.

20. The computer-readable storage medium according to any one of claims 17 to 19, wherein, The feature data is selected from the following list: the topology of the network, the distance from the plurality of network devices to the location storing the software upgrade image, and the amount of available data storage space on the plurality of network devices.

Images