Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

About This In Focus Use Case

Use Case

Use Contrail Command to onboard a fabric and create overlay networks.

Audience

Enterprise data center network administrator

Knowledge Level

General familiarity with data center architectures and overlay and underlay routing

Benefits

  • Save time by using an intent-based UI to configure your data center network.

  • Reduce risk of error and misconfiguration through automation.

  • Use an industry-leading SDN solution to configure your overlay networks.

Products Used

  • Contrail Networking Release 2003

  • QFX Series switches running Junos OS

    • tested on QFX10002 running Junos OS 18.4R2-S3 as a spine switch

    • tested on QFX5110 running Junos OS 18.4R2-S3 as a leaf switch

  • SRX Series Services Gateway running Junos OS

    • tested on SRX5400 running Junos OS 18.2R2-S3

Note:

Although this use case has been specifically validated against the hardware devices and Junos OS versions shown, you can choose to use any device and Junos OS version supported by this release of Contrail Networking as long as the devices and software support their assigned roles.

This use case demonstrates how you can onboard a data center fabric and build a simple overlay in minutes and is intended for the network administrator who is responsible for the data center network but not for the endpoint servers and compute devices. This use case therefore does not demonstrate the compute orchestration capabilities of Contrail Networking such as how servers and VMs are instantiated nor does it depend on any particular type or brand of compute orchestrator.

To get your data center network up and running, you first have to onboard the fabric, which means that you have to configure all your data center switches and routers to be part of the same IP network. Next, you create the separate overlay segmented networks that govern which endpoints are allowed to communicate with which endpoints. This underlay and overlay provisioning requires a considerable amount of configuration on each device, ranging from basic system turn-up to routing protocol configuration to interface provisioning. Depending on the size and complexity of your data center, this can easily run into dozens of CLI commands per device and take hours or days to complete.

With Contrail Command, you can get your data center network up and running in a fraction of this time while minimizing the risk of misconfiguration. Contrail Command provides an intent-based user interface that translates your high level intent into configuration commands that the devices understand. You provide basic configuration parameters for the overall fabric and specify the role that you want each device to play, and Contrail Command then performs the underlying configuration for you. Not only does this save you time, but it reduces the chance of error as you don’t have to provision each device individually and risk creating mismatched configurations across devices.

Figure 1 shows the fabric that you are onboarding in this use case. The fabric consists of a set of QFX Series switches connected in a spine-and-leaf architecture with the Contrail Networking installation running on a regular compute device attached to a leaf switch. The switches themselves are connected to each other but have no configuration and are in zeroized (greenfield) state. All devices including the Contrail Networking installation are connected to an out-of-band management network over their management ports. The only prerequisite is that you’ve assigned an IP address to the Contrail Networking port that connects to the management LAN.

Figure 1: Fabric UnderlayFabric Underlay

Figure 2 shows the overlay segmented networks you are creating in this use case. These represent nominally a web front-end network and a back-end database network in this fictitious example. These networks are separated by a firewall that ensures only legitimate database requests from qualified internal front-end servers are allowed to pass through. Configuration of the firewall is outside the scope of Contrail Networking and outside the scope of this use case.

Figure 2: Overlay Segmented NetworksOverlay Segmented Networks

This use case is sufficiently generic that you can apply the same principles to onboard fabrics and create overlays much more complex than that shown. Although this guide shows specific models of QFX Series switches, this use case works equally well with other QFX Series switches as long as the switches support the functions required by the roles they are given. For example, this use case creates a centrally-routed overlay architecture that requires the spine switches to support VXLAN routing, which is where the switch has the ability to decapsulate the VXLAN header and route traffic based on the inner overlay IP address. Refer to Contrail Networking Supported Hardware Platforms and Associated Roles And Node Profiles to see what other switches you can use in this scenario.

Moreover, this use case does not specify or presuppose any particular hardware module or interface on the switches. To make this use case work, you will need to ensure that the ports connecting neighboring switches have compatible optics so that their physical layers can come up, but this use case can work with different interface modules and speeds. In other words, this use case focuses purely on using Contrail Command to set up a fabric and overlay and leaves best practices on data center architectures to other documentation.