Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Prerequisites

  1. Linux management server connected to two distribution switches
  2. Multiple free /24 networks for IPv4 management addressing
  3. Somewhere to host git repositories (you need to create three new repositories)

...

mkdir {access,core,devices,dist,fabric,global,groups}
touch {access,core,dist,fabric,global}/{base_system.yml,groups.yml,routing.yml,vxlans.yml}
touch {access,core,dist,fabric}/base_system.yml
touch devices/README
touch groups/README

Edit global/routing.yml and configure the IP blocks you allocated before:

---
underlay:
  infra_link_net: 10.198.0.0/16
  infra_lo_net: 10.199.0.0/16
  mgmt_lo_net: 10.100.3.0/24.3.0/24

Edit global/groups.yml and add the group ALL:

groups:
  - group:
      name: 'ALL'
      regex: '.*'

Commit and push

etc repo

For etc repository add a directory called dhcpd and then add a file called dhcpd.conf in there based on https://github.com/SUNET/cnaas-nms/blob/develop/docker/dhcpd/dhcpd.conf to dhcpd/dhcpd.conf

mkdir -p dhcpd && touch dhcpd/dhcpd.conf

In dhcd.conf replace the last subnet definition with the ZTP network for access switches you want to use for this distribution switch pair. If you have many pairs of distribution switches and ZTP networks you need to copy the subnet definition for each ZTP network.

...

Once the databases and API are up you can create your first initial dist switches. Start by checking if you can access the API (the JWT token has to be signed by the cert(auth-server) you copied in to the api container earlier. the CNAASURL can very depending on setup):

export JWT_AUTH_TOKEN="eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJpYXQiOjE1NzEwNTk2MTgsIm5iZiI6MTU3MTA1OTYxOCwianRpIjoiNTQ2MDk2YTUtZTNmOS00NzFlLWE2NTctZWFlYTZkNzA4NmVhIiwic3ViIjoiYWRtaW4iLCJmcmVzaCI6ZmFsc2UsInR5cGUiOiJhY2Nlc3MifQ.Sfffg9oZg_Kmoq7Oe8IoTcbuagpP6nuUXOQzqJpgDfqDq_GM_4zGzt7XxByD4G0q8g4gZGHQnV14TpDer2hJXw"
export CNAASURL="https://localhost"
curl -s -H "Authorization: Bearer ${JWT_AUTH_TOKEN}" https://localhost ${CNAASURL}/api/v1.00/system/devicesversion

If you don't have installed valid certificates you will need to add -k to curl to make it accept self signed certificates. This curl command should return a result with status success but no data.

...

curl -s -H "Authorization: Bearer $JWT_AUTH_TOKEN" https://localhost${CNAASURL}/api/v1.0/repository/templates -d '{"action": "refresh"}' -X PUT -H "Content-Type: application/json"
curl -s -H "Authorization: Bearer $JWT_AUTH_TOKEN" https://localhost${CNAASURL}/api/v1.0/repository/settings -d '{"action": "refresh"}' -X PUT -H "Content-Type: application/json"

...

curl -s -H "Authorization: Bearer $JWT_AUTH_TOKEN" ${CNAASURL}/api/v1.0/device -X POST -d '{  "hostname": "eosdist1",  "management_ip": "10.100.3.0",  "platform": "eos",  "state": "MANAGED",  "device_type": "DIST"}' -H "Content-Type: application/json"

...

curl -s -H "Authorization: Bearer $JWT_AUTH_TOKEN" https://localhost${CNAASURL}/api/v1.0/repository/templates -d '{"action": "refresh"}' -X PUT -H "Content-Type: application/json"
curl -s -H "Authorization: Bearer $JWT_AUTH_TOKEN" https://localhost${CNAASURL}/api/v1.0/repository/settings -d '{"action": "refresh"}' -X PUT -H "Content-Type: application/json"

...