Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Onboard the Fabric

SUMMARY In this section, you are using Contrail Command to configure your zeroized fabric devices to be part of a single physical underlay network.

Explanation of Procedure

The recommended first step to onboarding a fabric is to tell Contrail Networking about the devices in the fabric. You do this by creating a YAML file containing the list of serial numbers of all devices in the fabric. For convenience, Contrail Command provides you with a template that you can use.

You then upload this file to Contrail Networking when you run the Create Fabric wizard, which guides you through fabric creation, including performing zero-touch-provisioning (ztp) of the devices in the list.

In a regular network, you typically onboard the fabric once at the beginning and whenever you add or remove devices from the fabric. In this latter case, you would be onboarding specific devices onto the fabric rather than creating a fabric from scratch.

Note:

All devices should be in zeroized state (request system zeroize from the CLI) before you perform the initial onboarding.

Configure the Device YAML File

The device YAML file is the file that contains the list of serial numbers of all fabric devices. The device YAML file also contains configuration that you want Contrail Networking to apply as part of onboarding the fabric. You create the device YAML file on the computer that you use to connect to Contrail Command. This can be your local computer as long as it has access to the management network where the Contrail Networking installation resides.

The YAML file must comply with the syntax specified in //yaml.org including spacing and indentations, which act as delimiters. By convention, a YAML file has a .yaml or .yml file extension.

For convenience, you can download a YAML file template from Contrail Command when you use the Create Fabric wizard (see step 4 in Configure the Device YAML File).

A very basic device YAML file just contains the chassis serial numbers of the devices and looks like this:

Note:

To get the chassis serial number from your device, issue the show chassis hardware command from the Junos CLI on the device. Alternatively, you can get the chassis serial number from the label affixed to your device. See Locating the Chassis Serial Number ID Label on a QFX10008 or QFX10016 and Locating the Serial Number on a QFX5100 Device or Component.

It’s a good idea, however, to include the hostnames of the devices. Otherwise, Contrail Command displays and refers to the devices by their serial numbers. The example below adds meaningful hostnames to identify the spine and leaf switches.

That’s all you really need for the device YAML file. However, the YAML file in this use case contains a few more constructs to demonstrate its flexibility and power and to save you some additional configuration later on.

The YAML file used in this example is shown below:

Table 1 contains the definitions of the constructs used in this YAML file and Table 2 shows the resulting actions on each fabric device when you later apply this YAML file to the fabric.

Table 1: Device YAML File Definitions

Fields

Meaning

device_to_ztp

This mandatory section contains the fabric devices that you want to discover and configure. Each fabric device is organized in its own subsection. Each subsection is identified by the device’s serial number.

serial_number

This is the hardware serial number of the device. To see the serial number in Junos, issue the show chassis hardware command from the Junos CLI on the device. Copy the chassis serial number from the command output and paste it into this YAML file.

This field is mandatory.

supplemental_day_0_cfg

This field references the supplemental_day_0_cfg section within this file.

This field is optional.

hostname

This field sets the hostname on the device. This is equivalent to the Junos set system host-name command.

This field is optional but highly recommended. If you do not specify the hostname, Contrail Command displays the device using its serial number.

device_functional_group

This field applies the specified device functional group to the device. A device functional group is a user-defined node profile that automatically sets the roles for the device.

This field is optional. If you do not specify a device functional group, you will need to specify the roles for the device explicitly when you create the fabric.

To define the device functional groups used in this example, log in to Contrail Command and select INFRASTRUCTURE>Fabrics and then click on Device Functional Groups. Click Create to create the groups, as follows:

  • L2-Server-Leaf

    • physical role = leaf

    • routing roles = CRB-Access, AR-Client

  • Centrally-Routed-Border-Spine

    • physical role = spine

    • routing roles = Route-Reflector, CRB-Gateway, DC-Gateway, DCI-Gateway, PNF-Servicechain

For more information on roles, see the Contrail Networking Fabric Lifecycle Management Guide.

supplemental_day_0_cfg

This optional section contains additional configuration that you can apply to the discovered devices. The additional configuration is organized into subsections identified by name.

name

This is the name of the additional configuration subsection. Devices in the device_to_ztp section refer to this subsection by this name.

cfg

This contains the set of Junos CLI commands you want to execute on the device as part of device discovery.
Table 2: Device YAML File Resulting Actions

Device

Actions

111111111111

Sets the hostname to DC1-Access-Leaf-1.

Sets the device functional group to L2-Server-Leaf, which sets the following:

  • physical role = leaf

  • routing/bridging roles = CRB-Access, AR-Client

Issues the following CLI commands on the device:

set system location rack 5

222222222222

Sets the hostname to DC1-Access-Leaf-2.

Sets the device functional group to L2-Server-Leaf, which sets the following:

  • physical role = leaf

  • routing/bridging roles = CRB-Access, AR-Client

Issues the following CLI commands on the device:

set system location rack 5

333333333333

Sets the hostname to DC1-Access-Leaf-3.

Sets the device functional group to L2-Server-Leaf, which sets the following:

  • physical role = leaf

  • routing/bridging roles = CRB-Access, AR-Client

Issues the following CLI commands on the device:

set system location rack 5

444444444444

Sets the hostname to DC1-Border-Spine-1.

Sets the device functional group to Centrally-Routed-Border-Spine, which sets the following:

  • physical role = spine

  • routing/bridging roles = Route-Reflector, CRB-Gateway, DC-Gateway, DCI-Gateway, PNF-Servicechain

Issues the following CLI commands on the device:

set system location rack 10

555555555555

Sets the hostname to DC1-Border-Spine-2.

Sets the device functional group to Centrally-Routed-Border-Spine, which sets the following:

  • physical role = spine

  • routing/bridging roles = Route-Reflector, CRB-Gateway, DC-Gateway, DCI-Gateway, PNF-Servicechain

Issues the following CLI commands on the device:

set system location rack 10

Once you have finished creating the YAML file and the device functional groups, you can proceed to the next step where you launch the Create Fabric wizard to start creating the fabric.

Create Fabric

This is the first stage of the Create Fabric wizard. You specify the basic underlay and overlay configuration parameters and you reference the device YAML file you created earlier.

  1. Log in to Contrail Command.
  2. Select INFRASTRUCTURE>Fabrics to bring up the Fabrics page and click Create to create the fabric.

    The Select provisioning option window appears.

  3. Select New Fabric and click Provision.

    This launches the Create Fabric wizard for a new (greenfield) fabric.

  4. Fill in the fields on this page as shown in Table 3.
    Table 3: Fields in the Create Fabric Page

    Fields

    Meaning

    Setting in this Example

    Name

    The name of the fabric.

    DC1-Fabric

    Device credentials

    The root password that you want to set for all devices in the fabric.

    Note:

    Type the password carefully. Contrail Command does not ask you to verify or confirm the password that you type in.

    <password>

    Overlay ASN (iBGP)

    The autonomous system number for the overlay iBGP network. All devices in the overlay belong to the same autonomous system.

    65000

    Device Info

    The device YAML file.

    Note:

    To download the YAML file template, click the Download icon.

    Upload the YAML file you created on your local computer.

    Underlay ASNs (eBGP)

    Specify the ASN range that you want to assign to the underlay devices. Contrail Networking assigns each device with its own AS number in the underlay.

    65001 to 65099

    Management subnets

    Specify the management subnet and gateway for the underlay devices. Contrail Networking discovers all devices connected to the management subnet.

    cidr: 192.168.1.0/24

    gateway: 192.168.1.1

    Fabric subnets

    Specify the fabric subnet for the underlay. All fabric ports are on this subnet. Fabric ports are the main traffic-carrying ports on the devices.

    192.168.11.0/24

    Loopback subnets

    Specify the loopback subnet. The loopback address is used by the overlay BGP.

    192.168.111.0/24

    PNF Servicechain subnets

    Specify the physical network function (PNF) service chain subnets. These are the subnets for the PNF devices that you want to add to the service chain. You need a PNF service chain if you want to allow communications between devices on the different segregated networks that you later create.

    192.168.100.0/24
  5. Click Next to launch the device discovery process.

Device Discovery

This is the second stage of the Create Fabric wizard. Contrail Networking begins the discovery process by responding to DHCP requests on the management subnet and then using NETCONF to configure the devices that match the serial numbers listed in the YAML file, including:

  • reading interface information, enabling LLDP, and bringing up interfaces

  • applying the standard juniper-qfx10k and juniper-qfx5k node profiles

  • assigning loopback IP addresses

  • running the supplementary commands from the YAML file

  • reading and storing inventory and other information from the devices

  • building the topology

At the completion of this stage, Contrail Networking has brought up all the fabric devices and has built the fabric topology.

Click Next to progress to role assignment.

Assign the Roles

This is the third stage of the Create Fabric wizard. At this point, Contrail Networking has discovered and performed initial configuration of the fabric devices and knows how they are connected together but does not yet know what roles the devices play in the fabric.

When you assign a role to a device, you are telling Contrail Networking what the device’s function is. A role is strictly a Contrail Networking construct and is an example of Contrail Networking’s intent-based provisioning. It is not a Junos parameter that you configure on a switch. Instead, you tell Contrail Networking what role you want a device to assume, and Contrail Networking then performs all the underlying configuration on the device to enact that role.

There are two types of roles that you assign to a device. The physical (underlay) role describes whether a device is a spine device or a leaf device. The routing (overlay) role describes the overlay routing functions that a device supports. While a device can only have one physical role, it is common and normal for a device to have multiple routing roles.

The Assign to devices window shows the list of discovered devices along with their assigned roles. In this use case, you assigned the roles using the device_functional_group parameter in the device YAML file so you don’t have to explicitly assign roles here.

Verify that the roles are as shown in Table 4 and Table 5. For more information on roles, see the Contrail Networking Fabric Lifecycle Management Guide.

Table 4: Roles Assigned to Leaf Switches

Meaning

Setting in this Example

Role

The physical or underlay role of the device.

leaf

Routing Roles

The routing/bridging or overlay role of the device.

CRB-Access

AR-Client
Table 5: Roles Assigned to Spine Switches

Meaning

Setting in this Example

Role

The physical or underlay role of the device.

spine

Routing Roles

The routing/bridging or overlay role of the device.

CRB-Gateway

DC-Gateway

DCI-Gateway

PNF-Servicechain

Route-Reflector

Click Autoconfigure to start the auto-configuration stage of the process.

Autoconfigure

This is the fourth stage of the Create Fabric wizard. Contrail Networking configures all the necessary parameters on the devices to support the roles they are given.

After auto-configuration is complete, the fabric is now up and running and ready for overlay configuration (Figure 1).

Figure 1: Underlay After ConfigurationUnderlay After Configuration

Additionally, the initial overlay BGP configuration is performed, identifying all overlay BGP speakers (including the Contrail Networking controller) and assigning the common overlay AS number (Figure 2).

Figure 2: Initial Overlay ConfigurationInitial Overlay Configuration

Click Next to move to the next stage.

Assign Telemetry Profiles

This is the optional fifth and final stage of the Create Fabric wizard. You can assign telemetry profiles to any or all of the fabric devices in this stage. The Contrail Networking installation can include an sflow server for telemetry processing. When you assign a profile to a device, you are configuring the device to send telemetry data to this sflow server. For information on assigning telemetry profiles, see the Contrail Networking Fabric Lifecycle Management Guide.

This use case does not use telemetry profiles. Click Finish to exit the Create Fabric wizard.

Verify Underlay Configuration on the Device (Optional)

With just a few clicks, Contrail Networking has onboarded your fabric. If you want to see how Contrail Networking has configured your devices, you can log in to the individual devices to check.

  1. Log in to DC1-Access-Leaf-1 using your favorite SSH client.

    1. Check out the interfaces configuration:

      You can see the fabric interfaces (192.168.11.13 and 192.168.11.1) that connect from this leaf switch to the two spine switches, the loopback interface (192.168.111.248), and the management interface (192.168.1.183).

    2. Check out the BGP configuration:

      You can see that Contrail Networking has assigned ASN 65005 for the eBGP underlay and ASN 65000 for the iBGP overlay. The eBGP underlay has two peers, which are the two spine switches (identified by their fabric interface addresses and their AS numbers). The iBGP overlay also has two peers, which are the route reflectors on the two spine switches (identified by their loopback addresses).

  2. Log in to DC1-Border-Spine-1 using your favorite SSH client.

    1. Check out the interfaces configuration:

      You can see the fabric interfaces (192.168.11.14, 192.168.11.18, and 192.168.11.22) that connect from this spine switch to the three leaf switches, the loopback interface (192.168.111.251), and the management interface (192.168.1.13).

    2. Check out the BGP configuration:

      You can see that Contrail Networking has assigned ASN 65002 for the eBGP underlay and ASN 65000 for the iBGP overlay. The eBGP underlay has three peers, which are the three leaf switches (identified by their fabric interface addresses and their AS numbers). The iBGP overlay also has three peers, which are the three leaf switches (identified by their loopback addresses).