Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Flow improvement #43

Merged
merged 12 commits into from
Nov 7, 2024
Merged

Flow improvement #43

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
a5add18
adjust flow and section headings
mrbojangles3 Oct 30, 2024
8abff16
add oras and hhfab to prerequisites
mrbojangles3 Oct 30, 2024
96ee813
clearer text
mrbojangles3 Oct 30, 2024
4aa22fa
add username and password to ghcr login command
mrbojangles3 Oct 30, 2024
7a4b503
Apply suggestions from Quentin
mrbojangles3 Oct 31, 2024
c97c650
add username and password flag into example
mrbojangles3 Oct 31, 2024
a042b12
integrating comments from Quentin
mrbojangles3 Oct 31, 2024
9cb3690
title,proper noun, and cli
mrbojangles3 Oct 31, 2024
938bb89
Merge branch 'master' into flow_improvement
mrbojangles3 Oct 31, 2024
580863a
descriptions belong at the start
mrbojangles3 Nov 1, 2024
388796f
keep the To Install where it was
mrbojangles3 Nov 4, 2024
d809842
Update docs/vlab/overview.md
mrbojangles3 Nov 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
224 changes: 112 additions & 112 deletions docs/vlab/demo.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -86,6 +86,118 @@ graph TD
L1 & L2 & L2 & L3 & L4 & L5 <----> S1 & S2
```

## Utility based VPC creation

### Setup VPCs
`hhfab vlab` includes a utility to create VPCs in vlab. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-vpcs`.

```console
NAME:
hhfab vlab setup-vpcs - setup VPCs and VPCAttachments for all servers and configure networking on them

USAGE:
hhfab vlab setup-vpcs [command options]

OPTIONS:
--dns-servers value, --dns value [ --dns-servers value, --dns value ] DNS servers for VPCs advertised by DHCP
--force-clenup, -f start with removing all existing VPCs and VPCAttachments (default: false)
--help, -h show help
--interface-mtu value, --mtu value interface MTU for VPCs advertised by DHCP (default: 0)
--ipns value IPv4 namespace for VPCs (default: "default")
--name value, -n value name of the VM or HW to access
--servers-per-subnet value, --servers value number of servers per subnet (default: 1)
--subnets-per-vpc value, --subnets value number of subnets per VPC (default: 1)
--time-servers value, --ntp value [ --time-servers value, --ntp value ] Time servers for VPCs advertised by DHCP
--vlanns value VLAN namespace for VPCs (default: "default")
--wait-switches-ready, --wait wait for switches to be ready before and after configuring VPCs and VPCAttachments (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
```

### Setup Peering
`hhfab vlab` includes a utility to create VPC peerings in VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-peerings`.

```console
NAME:
hhfab vlab setup-peerings - setup VPC and External Peerings per requests (remove all if empty)

USAGE:
Setup test scenario with VPC/External Peerings by specifying requests in the format described below.

Example command:

$ hhfab vlab setup-peerings 1+2 2+4:r=border 1~as5835 2~as5835:subnets=sub1,sub2:prefixes=0.0.0.0/0,22.22.22.0/24
mrbojangles3 marked this conversation as resolved.
Show resolved Hide resolved

Which will produce:
1. VPC peering between vpc-01 and vpc-02
2. Remote VPC peering between vpc-02 and vpc-04 on switch group named border
3. External peering for vpc-01 with External as5835 with default vpc subnet and any routes from external permitted
4. External peering for vpc-02 with External as5835 with subnets sub1 and sub2 exposed from vpc-02 and default route
from external permitted as well any route that belongs to 22.22.22.0/24

VPC Peerings:

1+2 -- VPC peering between vpc-01 and vpc-02
demo-1+demo-2 -- VPC peering between demo-1 and demo-2
1+2:r -- remote VPC peering between vpc-01 and vpc-02 on switch group if only one switch group is present
1+2:r=border -- remote VPC peering between vpc-01 and vpc-02 on switch group named border
1+2:remote=border -- same as above

External Peerings:

1~as5835 -- external peering for vpc-01 with External as5835
1~ -- external peering for vpc-1 with external if only one external is present for ipv4 namespace of vpc-01, allowing
default subnet and any route from external
1~:subnets=default@prefixes=0.0.0.0/0 -- external peering for vpc-1 with auth external with default vpc subnet and
default route from external permitted
1~as5835:subnets=default,other:prefixes=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same but with more details
1~as5835:s=default,other:p=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same as above

OPTIONS:
--help, -h show help
--name value, -n value name of the VM or HW to access
--wait-switches-ready, --wait wait for switches to be ready before before and after configuring peerings (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
```

### Test Connectivity
`hhfab vlab` includes a utility to test connectivity between servers inside VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab test-connectivity`.

```console
NAME:
hhfab vlab test-connectivity - test connectivity between all servers

USAGE:
hhfab vlab test-connectivity [command options]

OPTIONS:
--curls value number of curl tests to run for each server to test external connectivity (0 to disable) (default: 3)
--help, -h show help
--iperfs value seconds of iperf3 test to run between each pair of reachable servers (0 to disable) (default: 10)
--iperfs-speed value minimum speed in Mbits/s for iperf3 test to consider successful (0 to not check speeds) (default: 7000)
--name value, -n value name of the VM or HW to access
--pings value number of pings to send between each pair of servers (0 to disable) (default: 5)
--wait-switches-ready, --wait wait for switches to be ready before testing connectivity (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]

```
## Manual VPC creation
### Creating and attaching VPCs

Expand Down Expand Up @@ -294,118 +406,6 @@ From 10.0.1.1 icmp_seq=3 Destination Net Unreachable
3 packets transmitted, 3 received, +3 duplicates, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 6.987/8.720/9.595/1.226 ms
```
## Utility based VPC creation

### Setup VPCs
`hhfab vlab` includes a utility to create VPCs in vlab. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-vpcs`.

```console
NAME:
hhfab vlab setup-vpcs - setup VPCs and VPCAttachments for all servers and configure networking on them

USAGE:
hhfab vlab setup-vpcs [command options]

OPTIONS:
--dns-servers value, --dns value [ --dns-servers value, --dns value ] DNS servers for VPCs advertised by DHCP
--force-clenup, -f start with removing all existing VPCs and VPCAttachments (default: false)
--help, -h show help
--interface-mtu value, --mtu value interface MTU for VPCs advertised by DHCP (default: 0)
--ipns value IPv4 namespace for VPCs (default: "default")
--name value, -n value name of the VM or HW to access
--servers-per-subnet value, --servers value number of servers per subnet (default: 1)
--subnets-per-vpc value, --subnets value number of subnets per VPC (default: 1)
--time-servers value, --ntp value [ --time-servers value, --ntp value ] Time servers for VPCs advertised by DHCP
--vlanns value VLAN namespace for VPCs (default: "default")
--wait-switches-ready, --wait wait for switches to be ready before and after configuring VPCs and VPCAttachments (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
```

### Setup Peering
`hhfab vlab` includes a utility to create VPC peerings in VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab setup-peerings`.

```console
NAME:
hhfab vlab setup-peerings - setup VPC and External Peerings per requests (remove all if empty)

USAGE:
Setup test scenario with VPC/External Peerings by specifying requests in the format described below.

Example command:

$ hhfab vlab setup-peerings 1+2 2+4:r=border 1~as5835 2~as5835:subnets=sub1,sub2:prefixes=0.0.0.0/0,22.22.22.0/24

Which will produce:
1. VPC peering between vpc-01 and vpc-02
2. Remote VPC peering between vpc-02 and vpc-04 on switch group named border
3. External peering for vpc-01 with External as5835 with default vpc subnet and any routes from external permitted
4. External peering for vpc-02 with External as5835 with subnets sub1 and sub2 exposed from vpc-02 and default route
from external permitted as well any route that belongs to 22.22.22.0/24

VPC Peerings:

1+2 -- VPC peering between vpc-01 and vpc-02
demo-1+demo-2 -- VPC peering between demo-1 and demo-2
1+2:r -- remote VPC peering between vpc-01 and vpc-02 on switch group if only one switch group is present
1+2:r=border -- remote VPC peering between vpc-01 and vpc-02 on switch group named border
1+2:remote=border -- same as above

External Peerings:

1~as5835 -- external peering for vpc-01 with External as5835
1~ -- external peering for vpc-1 with external if only one external is present for ipv4 namespace of vpc-01, allowing
default subnet and any route from external
1~:subnets=default@prefixes=0.0.0.0/0 -- external peering for vpc-1 with auth external with default vpc subnet and
default route from external permitted
1~as5835:subnets=default,other:prefixes=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same but with more details
1~as5835:s=default,other:p=0.0.0.0/0_le32_ge32,22.22.22.0/24 -- same as above

OPTIONS:
--help, -h show help
--name value, -n value name of the VM or HW to access
--wait-switches-ready, --wait wait for switches to be ready before before and after configuring peerings (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]
```

### Test Connectivity
`hhfab vlab` includes a utility to test connectivity between servers inside VLAB. This utility is a `hhfab vlab` sub-command. `hhfab vlab test-connectivity`.

```console
NAME:
hhfab vlab test-connectivity - test connectivity between all servers

USAGE:
hhfab vlab test-connectivity [command options]

OPTIONS:
--curls value number of curl tests to run for each server to test external connectivity (0 to disable) (default: 3)
--help, -h show help
--iperfs value seconds of iperf3 test to run between each pair of reachable servers (0 to disable) (default: 10)
--iperfs-speed value minimum speed in Mbits/s for iperf3 test to consider successful (0 to not check speeds) (default: 7000)
--name value, -n value name of the VM or HW to access
--pings value number of pings to send between each pair of servers (0 to disable) (default: 5)
--wait-switches-ready, --wait wait for switches to be ready before testing connectivity (default: true)

Global options:

--brief, -b brief output (only warn and error) (default: false) [$HHFAB_BRIEF]
--cache-dir DIR use cache dir DIR for caching downloaded files (default: "/home/ubuntu/.hhfab-cache") [$HHFAB_CACHE_DIR]
--verbose, -v verbose output (includes debug) (default: false) [$HHFAB_VERBOSE]
--workdir PATH run as if hhfab was started in PATH instead of the current working directory (default: "/home/ubuntu") [$HHFAB_WORK_DIR]

```

## Using VPCs with overlapping subnets

Expand Down
23 changes: 13 additions & 10 deletions docs/vlab/running.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ ubuntu@docs:~$ hhfab vlab gen
21:27:16 INF >>> mclagServers=2 eslagServers=2 unbundledServers=1 bundledServers=1
21:27:16 INF Generated wiring file name=vlab.generated.yaml
```
[Click Here](#build-the-installer-and-start-vlab) to start VLAB, or see the next section for customizing the topology.
mrbojangles3 marked this conversation as resolved.
Show resolved Hide resolved

### Collapsed Core
If a Collapsed Core topology is desired, after the `hhfab init --dev` step, edit the resulting `fab.yaml` file and change the `mode: spine-leaf` to `mode: collapsed-core`.
Expand Down Expand Up @@ -119,22 +120,14 @@ When the message `INF Control node is ready vm=control-1 type=control` from the
has been displayed, you can get into the control node and other VMs to watch the Fabric coming up and switches getting
provisioned. See [Accessing the VLAB](#accessing-the-vlab).

## Configuring VLAB VMs
## Enable Outside connectivity from VLAB VMs

By default, all test server VMs are isolated and have no connectivity to the host or the Internet. You can configure
enable connectivity using `hhfab vlab up --restrict-servers=false` to allow the test servers to access the Internet and
the host. When you enable connectivity, VMs get a default route pointing to the host, which means that in case of the
VPC peering you need to configure test server VMs to use the VPC attachment as a default route (or just some specific
subnets).

## Default credentials

Fabricator creates default users and keys for you to login into the control node and test servers as well as for the
SONiC Virtual Switches.

Default user with passwordless sudo for the control node and test servers is `core` with password `HHFab.Admin!`.
Admin user with full access and passwordless sudo for the switches is `admin` with password `HHFab.Admin!`.
Read-only, non-sudo user with access only to the switch CLI for the switches is `op` with password `HHFab.Op!`.

## Accessing the VLAB

Expand Down Expand Up @@ -167,7 +160,17 @@ Name: control-1
Ready: true
Basedir: .hhfab/vlab-vms/control-1
```
### Default credentials

Fabricator creates default users and keys for you to login into the control node and test servers as well as for the
SONiC Virtual Switches.

Default user with passwordless sudo for the control node and test servers is `core` with password `HHFab.Admin!`.
Admin user with full access and passwordless sudo for the switches is `admin` with password `HHFab.Admin!`.
Read-only, non-sudo user with access only to the switch CLI for the switches is `op` with password `HHFab.Op!`.


## Manage the VLAB Network
On the control node you have access to kubectl, Fabric CLI, and k9s to manage the Fabric. You can find information
about the switches provisioning by running `kubectl get agents -o wide`. It usually takes about 10-15 minutes for the
switches to get installed.
Expand All @@ -192,7 +195,7 @@ applied. `CurrentG` shows the generation of the configuration the switch is supp
At that point Fabric is ready and you can use `kubectl` and `kubectl fabric` to manage the Fabric. You can find more
about managing the Fabric in the [Running Demo](demo.md) and [User Guide](../user-guide/overview.md) sections.

## Getting main Fabric objects
### Getting main Fabric objects

You can list the main Fabric objects by running `kubectl get` on the control node. You can find more details about
using the Fabric in the [User Guide](../user-guide/overview.md), [Fabric API](../reference/api.md) and
Expand Down