Thoughts on golang for network operations?

agolangf · · 471 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>So i posted <a href="https://www.reddit.com/r/networking/comments/6aumf0/thoughts_on_golang_for_network_ops/">this thread</a> in <a href="/r/networking">/r/networking</a>. </p> <p>I started to look at golang a few weeks ago after running into a NANOG talk (big network engineering conference) suggesting looking at the language for use in network operations in lieu of Python</p> <p>I am not someone with a software development background. I may check in some scripts into revision control, but I&#39;m not someone who builds out massive programs with rigorous applications of software engineering discipline across the board. </p> <p>Alot of people who post here seem to be professional developers, so I was hoping to get opinions/insights on this matter from you guys. </p> <p>If golang was chosen as a daily driver, how much of the tooling should be left to be developed by professional devs, versus some hacky script written by operations folks? </p> <p>Alot of what most network engineers would be dealing with are logging into devices, gathering some text output, and working with some JSON and XML stuff. </p> <hr/>**评论:**<br/><br/>42wim: <pre><p>I&#39;m a network engineer, who develops a bit. (In no way a professional developer).</p> <p>Go is so easy to pick up, and hack together a prototype. </p> <p>It has a lot of cool libraries to play around with network stuff coupled with great performance. </p> <p>And ofcourse it&#39;s fun to program in (but this is very subjective ;-)</p> <p>Some public examples (all network related) I made after discovering go:</p> <ul> <li><a href="https://github.com/42wim/gomphs">https://github.com/42wim/gomphs</a> - A tool to ping multiple hosts at once with a CLI and web-based overview</li> <li><a href="https://github.com/42wim/gomul">https://github.com/42wim/gomul</a> - Joins multicast ipv4/ipv6 groups on specified interface (used for debugging multicast issues)</li> <li><a href="https://github.com/42wim/registrator-netfilter">https://github.com/42wim/registrator-netfilter</a> - ipv6 firewall (netfilter) module for registrator</li> <li><a href="https://github.com/42wim/dhcprelay">https://github.com/42wim/dhcprelay</a> - simple dhcp relay in go. Ability to bind to a specific outgoing IP</li> <li><a href="https://github.com/42wim/csm">https://github.com/42wim/csm</a> - Cisco Syslog to Mattermost - logging cisco IOS changes realtime to mattermost</li> <li><a href="https://github.com/42wim/cssh">https://github.com/42wim/cssh</a> - Tool to connect to / automate (via ssh only) Cisco switches and accesspoints</li> <li><a href="https://github.com/42wim/asallow">https://github.com/42wim/asallow</a> - An &#39;easy way&#39; to whitelist providers and/or countries using ipset</li> <li><a href="https://github.com/42wim/ipsetd">https://github.com/42wim/ipsetd</a> - ipset daemon (for fast remote ipset manipulation, runs ipset in interactive mode)</li> <li><a href="https://github.com/42wim/dt">https://github.com/42wim/dt</a> - DNS tool - display information about your domain</li> <li><a href="https://github.com/42wim/ulog2queue">https://github.com/42wim/ulog2queue</a> - Sends ulogd / netfilter json to elasticsearch backend (logstash replacement for your firewall)</li> </ul> <p>You don&#39;t need to be a professional developer to make useful tools.</p></pre>hell_0n_wheel: <pre><blockquote> <p>You don&#39;t need to be a professional developer to make useful tools.</p> </blockquote> <p>Totally agree here. But let&#39;s make a clear distinction: if these &#34;useful tools&#34; are critical to the daily operation of a business, then they need some rigor around their design, development and maintenance. Not saying it <em>needs</em> to be a professional developer doing all the work, but at least put one on the code reviews...</p></pre>42wim: <pre><p>Yes, in the ideal world this would be the case, but unfortunately most of the time you don&#39;t have professional developers in network teams.</p></pre>hell_0n_wheel: <pre><p>The pro developer doesn&#39;t have to be in-team. He/she can simply advise development from afar. I&#39;ve done it in companies large and small, and the payoffs well outweigh the additional cost.</p></pre>mm_5687: <pre><p>If Go was designed to be good at one thing, that would be network operations. </p></pre>_______2: <pre><p>In my experience, go is fantastic for network-based development. The standard library is more complete for networking than any other language I&#39;ve used. It might be best left to professionals, but go is very easy to pick up and read, in my opinion. Recently, we had a huge C# project in production, but due to poor development, a service that pinged an endpoint every two minutes went down. I was able to write a 10 line go program that replaced the external network service and have the service working as expected in 20 minutes, and it didn&#39;t require anything other than the standard library</p></pre>epiris: <pre><p>42wim made a great list, add <a href="https://github.com/osrg/gobgp" rel="nofollow">https://github.com/osrg/gobgp</a> to it. It&#39;s a fairly sophisticated BGP daemon with a CLI. </p></pre>de_joerg: <pre><p>I use golang for all my new network tools on a daily basis and I don&#39;t like python ;-)</p> <p>My current projects:</p> <ul> <li><p><a href="https://github.com/ipcjk/ixgen" rel="nofollow">https://github.com/ipcjk/ixgen</a> -&gt; Ixgen is yet-another open-source, multi-platform generator for peering configurations on IXs incorporating the global peeringdb api, but also is able to spin up its own &#34;compatible&#34; server for faster results. Ixgen is configured by an INI- or JSON-style format, producing custom template-driven or fixed json-style configurations, that can be printed on the terminal, to a file or served by HTTP. </p></li> <li><p><a href="https://github.com/ipcjk/brocadecli" rel="nofollow">https://github.com/ipcjk/brocadecli</a> brocadecli is a tool that enables you to enter configuration changes to Brocade Netiron devices (MLX, MLXE, CER) via ssh.</p></li> <li><p><a href="https://github.com/ipcjk/asnbuilder" rel="nofollow">https://github.com/ipcjk/asnbuilder</a> Build regexes from as-numbers for BGP filtering on Brocade Netiron or compatible (Cisco) platforms. Edit</p></li> </ul></pre>jda: <pre><p>I&#39;m a hybrid dev/network engineer with a software development background (CS education, wandered into neteng). I largely switched from python to go a few years ago because of the reasons in that conference talk.</p> <blockquote> <p>I may check in some scripts into revision control, but I&#39;m not someone who builds out massive programs with rigorous applications of software engineering discipline across the board.</p> </blockquote> <p>You might not be a full-time developer, but you&#39;ve earned a developer hat. Remember to write some unit tests :) </p> <p>If possible, find someone to review your code. Everyone benefits from code review and it&#39;s a great way to level up. If there isn&#39;t anyone in your company that can review, maybe you can contribute to a open source library that you use.</p> <blockquote> <p>If golang was chosen as a daily driver, how much of the tooling should be left to be developed by professional devs, versus some hacky script written by operations folks?</p> </blockquote> <p>Write what you need and don&#39;t worry about it. You&#39;d be amazed at how much &#34;hacky&#34; stuff is written by professional devs. </p> <blockquote> <p>Alot of what most network engineers would be dealing with are logging into devices, gathering some text output, and working with some JSON and XML stuff.</p> </blockquote> <p>I found XML processing to be much easier in go compared to python. There are go libraries for netconf, ssh, etc. </p></pre>nemith: <pre><p>Go is perfect for Network Operations. I have started using it for a lot of tasks in neteng at Facebook. Gorouting fit with trying to do operations on thousands of devices at once.</p> <p>If you are at NANOG in Bellevue, come find me and I can discuss more about what we are using with it. Also come to the hackathon on Sunday <a href="https://www.nanog.org/meetings/nanog70/hackathon" rel="nofollow">https://www.nanog.org/meetings/nanog70/hackathon</a>!</p></pre>sandymatt: <pre><p>If this helps, there&#39;s a new book from Apress called &#34;Network Programming with Go&#34;. I was just going to pick it up - hopefully it has good stuff in it. Apress usually comes out with decent books.</p> <p><a href="http://www.apress.com/us/book/9781484226919" rel="nofollow">http://www.apress.com/us/book/9781484226919</a></p></pre>serverangels: <pre><p>Are these books any good? I&#39;m thinking of ordering the softcover, but do you know if I get a instant pdf version too with that?</p></pre>sandymatt: <pre><p>It&#39;s too early to tell if the book is any good - no one&#39;s posted a blog or review yet. Overall, I&#39;ve had good luck with Apress books, especially those dealing with SQL Server. And I only order digital versions, so don&#39;t know about the softcover.</p></pre>unimportant1234567: <pre><p>The Jan Newmarch book was freely available up until a few months ago. It was a great online resource but I didn&#39;t dive into it too heavily. It teaches networking with Go code. It really depends on how experienced with networking you are. I&#39;d say it&#39;s great if you are new to it. If you are experienced, you should just find the lib you know you need on github :)</p> <p>I recall it being a very well written and detailed book.</p></pre>Krieger08026: <pre><p>Former ops engineer turned developer here. Time to offer unpopular dissenting opinion. Bracing for downboats. </p> <p>It&#39;s typically faster to build a stable solution providing high throughput, concurrent operations in Python than it is to build the same thing in golang. One of the only reasons for this is golang is still in its infancy, and it&#39;s very likely there&#39;s already a python module that does what you&#39;re trying to do. </p> <p>Not saying go isn&#39;t great. I love it, or I wouldn&#39;t be subbed here. I&#39;m just saying that depending on your deadlines, python might still be the better choice. </p></pre>aboukirev: <pre><p>It is true that Python has libraries probably for everything imaginable.</p> <p>In Go one could find code examples for almost any network related functions. But not all of them are libraries; some code is just a package or an integral part of a bigger project. As usual, it&#39;s a matter of time. I think Go reached critical mass in the network segment though.</p> <p>To the OP: you can fallback to Python any time for a specific script/tool. Just adding Go to your tool belt is useful. </p></pre>Krieger08026: <pre><p>Agreed, it&#39;s an excellent addition to the tool belt. </p></pre>Jamo008: <pre><p>I am a software developer specialising in network software. I definitely disagree with a this. I&#39;ve recently built a fairly large Python app requiring a large amount of concurrency and Go would solve so many of the issues I&#39;m having (since I&#39;m part of the networking team, I&#39;m only able to use Python).</p></pre>Krieger08026: <pre><p>That&#39;s interesting. Which problems would Go have allowed you to solve more easily? This is the first thing I&#39;ve heard along these lines. </p></pre>42wim: <pre><p>I can you give an example for something I&#39;ve build. We&#39;re running an arpscraper and macscraper so we can quickly find users/devices.</p> <p>The macscraper for example is a daemon connected via ssh to 2500+ devices, and doing a &#34;sh mac address-table&#34; every second. So that&#39;s 2500 simultaneously goroutines and open connections, with in memory db of about 82k mac addresses, taking 1.1Gb of ram. </p> <p>How feasible would this be in python with the same memory footprint/performance? </p></pre>Krieger08026: <pre><p>I&#39;m not sure about the exact footprint in Python, but I have a very similar application I can compare it with. </p> <p>The project goal was to analyze 75,000 endpoints for behavioral indicating a high probability of imminent failure of a particular system component on that endpoint. 4 threads total running 2 separate event loops concurrently processing 1,000 endpoint &#34;blocks&#34; using asyncio coroutines. Memory usage was extremely stable around 250MB, but it would pretty quickly max out the processor without the artificial 1,000 endpoint block size. </p> <p>It really sounds like a difference in design patterns, though, specifically focused around a time/space tradeoff. In my case, I was fine waiting an hour for the results to come back if I was able to do other things in the meantime. In your case, I&#39;m sure it didn&#39;t take an hour to work, but the 1.1GB ram usage would have been a bit much for me to explain to management. </p></pre>JokerSp3: <pre><p>In every application I have ported from python to go, the memory footprint goes down significantly and speed goes up. I would recommend you try taking an application and port to go (attempting to keep go idioms where possible).Then analyze cpu usage, memory usage, and speed.</p> <p>In my experience most small applications can be ported in a few hours and you should be able to get real results.</p></pre>hell_0n_wheel: <pre><blockquote> <p>Time to offer unpopular dissenting opinion. Bracing for downboats. </p> </blockquote> <p>Please, no need to be a drama queen, save this for some other sub.</p> <blockquote> <p>golang is still in its infancy</p> </blockquote> <p><a href="https://github.com/golang/go/wiki/GoUsers" rel="nofollow">Taking a look at this list</a>, it doesn&#39;t appear that &#34;infancy&#34; (a relative term) matters much. This is for good reason, as go offers a massive performance improvement over Python, as well as a massive stability improvement... Python is notorious for allowing garbage code to run, only to puke at runtime, whereas go&#39;s type system does not allow for such hijinks.</p> <p>What&#39;s more important is the community built around a language, and golang has enormous support (not to mention enormous funding). The golang community <a href="https://www.tiobe.com/tiobe-index/go/" rel="nofollow">has been growing very quickly</a> where Python has been stagnating... if anything, this would tell me we&#39;ve hit &#34;peak Python&#34;.</p></pre>Krieger08026: <pre><p>Sorry about that, it was a bad joke. </p></pre>sandymatt: <pre><p>I was surprised to see Jetbrains just release a dedicated Go IDE, but the numbers they had for their original Go plugin justified it to them. It has over 600,000 downloads, and to JB that equated to pent-up demand.</p></pre>hell_0n_wheel: <pre><p>Yup, very happy to see this. I&#39;ve only had my hands on it for a couple days, but already it&#39;s got the look and feel of Jetbrains&#39; other IDEs. Very slick!</p></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

471 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传