Using the Digital Sandbox - integrated with the Fabric Services System GUI
With this use case, a user can create some elements on the system GUI and deploy these to the Digital Sandbox. For the simulation session to fully work, some configuration (for example, endpoints) must be performed in the Digital Sandbox.
When using the Fabric Services System GUI, only one region/Digital Sandbox deployment can be created, and the information flow is unidirectional from the GUI to the Digital Sandbox. This means that if an intent is updated in the Digital Sandbox, the corresponding changes will not flow back to the Fabric Services System. Also, if a region or intent deployed in the Digital Sandbox is removed from the GUI, it will also be removed from the Digital Sandbox.
Working with intents
The Fabric Services System integrates with the Digital Sandbox using intents.
When a region, or fabric/workload intent is created in the Fabric Services System GUI, and the user indicates it should be deployed to the Digital Sandbox, a corresponding digital construct (underlay/workload) is automatically created in the Digital Sandbox.
Digital Sandbox intents that map to the Fabric Services System include:
underlay intents: Corresponds to the Fabric Services System underlay of a fabric (Leaf-Spine/Back-Bone).
workload intents: Corresponds to the Fabric Services System workloads that can span multiple fabrics. These define what kind of services that run on the servers in the rack and how they connect.
GUI and digital sandbox equivalents defines the Fabric Services System generated contexts, their Digital Sandbox equivalents, and the equivalent Digital Sandbox CLI used to perform the task.
Task performed on the Fabric Services System |
Digital Sandbox construct created |
Equivalent Digital Sandbox CLI command |
|---|---|---|
Create Region for deployment in the Digital Sandbox |
Digital Sandbox Intent |
|
Create fabric for deployment in the Digital Sandbox |
Digital Sandbox underlay |
|
Create workload for deployment in the Digital Sandbox |
Digital Sandbox workload |
|
The Digital Sandbox also has two unique workload types:
active-workload: For every workload that is made active (via an update), the Digital Sandbox automatically generates an active-workload. This specifies the endpoint server and the interface(s) used to simulate the endpoint connected via the workload subnet subinterface.
fully-qualified-workload intents: Allows the user to specify the IP address configuration of the endpoint interfaces. A workload created on the Fabric Services System does not contain this information, and it must be created in the Digital Sandbox.
For additional information on using the Fabric Services System GUI for intent management, see the Fabric Services System User Guide.
Creating an intent/region
A single region can be created in the Fabric Services System GUI and be deployed to the Digital Sandbox. If this region is created, updated, or removed in the GUI, the same action is performed in the Digital Sandbox. See the Fabric Services System User Guide for details on creating regions in the GUI.
The following CLI command can also be used to create an intent. An intent is the equivalent of a creating region in the Fabric Services System GUI. Creation of a Digital Sandbox intent triggers the creation of the Digital Sandbox deployment. Intents created in the Digital Sandbox will not appear in the Fabric Services System GUI.
dsctl intent create -i <name>
Creating an underlay (fabric) intent
Fabric intents can be created in the Fabric Services System GUI and be deployed to the Digital Sandbox. In the Digital Sandbox, a fabric intent is referred to as an underlay. If any fabric intent is created, updated, or removed in the GUI, the same action is performed in the Digital Sandbox. See the Fabric Services System User Guide for details on creating fabric intents in the GUI.
The following CLI command can also be used to create an underlay. An underlay is the equivalent of a creating a fabric intent in the Fabric Services System GUI. Note that if an underlay is created in the Digital Sandbox, it will not be created in the GUI.
dsctl intent create underlay -i <name> -n <underlay-name> -f <file>
Example:
The following will create an underlay intent in the Digital Sandbox. In this example, the underlay is associated with the DNS-compatible intent ID named ‛star’, and will be named ‛u1’. Data from the file /tmp/u1 is used to configure the underlay:
dsctl intent create underlay -i star -n u1 -f /tmp/u1
where the file /tmp/u1 contains the following:
meta:
intent: fspi352854779224915968
id: LagLs1_gatenet_fabric
name: fspf352854958523023360
version: 11
uid: lxqiblwcmuajqp2m
nodes:
- name: ls1-leaf-1
donotsimulate: false
type: NokSrLinux
hwdetails:
chassis: "66"
cpmtype: "177"
cardtype: "177"
mdatype: "194"
interfaces:
- mgmt0
- ethernet-1/1
...
- ethernet-1/34
mac: ""
uuid: "352854967851155456"
overrides:
tag: 0.0.0-27910
- name: ls1-spine-1
donotsimulate: false
type: NokSrLinux
hwdetails:
chassis: "42"
cpmtype: "69"
cardtype: "127"
mdatype: "182"
interfaces:
- mgmt0
- ethernet-1/1
...
- ethernet-4/36
mac: ""
uuid: "352854969713426432"
overrides:
tag: 0.0.0-27910
- name: ls1-leaf-2
donotsimulate: false
type: NokSrLinux
hwdetails:
chassis: "66"
cpmtype: "177"
cardtype: "177"
mdatype: "194"
interfaces:
- mgmt0
- ethernet-1/1
...
- ethernet-1/34
mac: ""
uuid: "352854967851220992"
overrides:
tag: 0.0.0-27910
links:
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/3
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/4
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/5
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/6
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/34
- node: ls1-spine-1
interface: ethernet-1/8
- endpoints:
- node: ls1-leaf-2
interface: ethernet-1/27
- node: ls1-spine-1
interface: ethernet-1/9
lags:
- endpoints:
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/10
- node: ls1-leaf-1
interface: ethernet-1/11
name: lag1e10e11
- endpoints:
- endpoints:
- node: ls1-leaf-1
interface: ethernet-1/12
- node: ls1-leaf-1
interface: ethernet-1/13
name: lag1e12e13
- endpoints:
- endpoints:
- node: ls1-leaf-2
interface: ethernet-1/10
- node: ls1-leaf-2
interface: ethernet-1/11
name: lag2e10e11
- endpoints:
- endpoints:
- node: ls1-leaf-2
interface: ethernet-1/12
- node: ls1-leaf-2
interface: ethernet-1/13
name: lag2e12e13
Creating a workload intent
Workload intents can be created in the Fabric Services System GUI and be deployed to the Digital Sandbox. In the Digital Sandbox, a workload intent is referred to by the same name; workload. If any workload intent is created, updated, or removed in the GUI, the same action is performed in the Digital Sandbox. See the Fabric Services System User Guide for details on creating workload intents in the GUI.
The following CLI command can also be used to create a workload. Note that if a workload is created in the Digital Sandbox, it will not be created in the GUI.
dsctl intent create workload -i <name> -n <workload-name> -f <file>
Example:
The following will create a workload intent. In this example, the workload is associated with the DNS-compatible intent ID named ‛star’, and will be named ‛w1’. Data from the file /tmp/w1 is used to configure the underlay:
dsctl intent create workload -i star -n w1 -f /tmp/w1
where the file /tmp/w1 contains the following:
meta:
intent: fspi352854779224915968
id: EvpnWl1
name: fspw352859849752576000
version: 1
uid: 1sd7znoq5f818jul
config:
type: 2
subnets:
Br1Gw:
identifier:
id: "352859919361245184"
name: Br1Gw
vrftype: 1
interfaces:
TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-1-7220 IXR-D3.lag1e12e13.2:
config:
name: TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-1-7220
IXR-D3.lag1e12e13.2
node: ls1-leaf-1
interface: lag1e12e13
index: 0
encap:
type: 1
dot1q: 2
ips:
- 12.12.12.1/24
- 12.12.22.1/24
TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-2-7220 IXR-D3.lag2e12e13.2:
config:
name: TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-2-7220
IXR-D3.lag2e12e13.2
node: ls2-leaf-2
interface: lag2e12e13
index: 0
encap:
type: 1
dot1q: 2
ips:
- 12.12.12.1/24
- 12.12.22.1/24
Rt1:
identifier:
id: "352859941238734848"
name: Rt1
vrftype: 2
interfaces:
TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220 IXR-D3.lag1e12e13.3:
config:
name: TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220
IXR-D3.lag1e12e13.3
node: ls2-leaf-1
interface: lag1e12e13
index: 0
encap:
type: 1
dot1q: 3
ips:
- 14.14.14.1/24
br1NoGw:
identifier:
id: "352859881830612992"
name: br1NoGw
vrftype: 1
interfaces:
TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-1-7220 IXR-D3.lag1e10e11.1:
config:
name: TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-1-7220
IXR-D3.lag1e10e11.1
node: ls1-leaf-1
interface: lag1e10e11
index: 0
encap:
type: 1
dot1q: 1
ips: []
TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-2-7220 IXR-D3.lag2e10e11.1:
config:
name: TestWorkloadwithLag.LagLs1.LagLs1_gatenet_fabric.ls1-leaf-2-7220
IXR-D3.lag2e10e11.1
node: ls1-leaf-2
interface: lag2e10e11
index: 0
encap:
type: 1
dot1q: 1
ips: []
Configuring the network edge
Whether configured on the Fabric Services System GUI or Digital Sandbox, underlay and workload intents lack sufficient information about the network edge. This limits the number of routes within a simulation, impacts traffic injection, and traffic network traversal is not possible.
This information is partially obtained through details in the active workload and through user input using the fully-qualified workload intent.
Generating an active workload
For every workload that is made active (via an update), the Digital Sandbox automatically generates an active-workload. This specifies the endpoint server and the interfaces or interfaces used to simulate the endpoint connected via the workload subnet subinterface. There is no equivalent of an active workload on the Fabric Services System GUI.
If you view an active workload, you can see that a peer section is added to the workload by the Digital Sandbox. This section contains:
config: Specifies the endpoint node and interface, including potential encapsulation
state: Specifies the virtual-sim and actual interfaces assigned to the interface specified in the config section
protocols: Specifies the protocols running on the interface (not supported yet)
The following CLI command can be used to view an active workload:
dsctl intent list active-workload -i <name> -n <active-workload-name>
Example:
dsctl intent list active-workload -i star -n aw1
{
"meta": {
"intent": "star",
"id": "w1",
"name": "w-1c3qxz79ccypf82f",
"version": 1,
"uid": "65oun6n1r0w90yum"
},
"source": {
"workload": {
"uid": "3ixz5smw6lxnnl3e",
"version": 1
}
},
"config": {
"subnets": {
"Rt1": {
"identifier": {
"id": "352859941238734848",
"name": "Rt1"
},
"vrf_type": 2,
"interfaces": {
"TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220 IXR-D3.lag1e12e13.3": {
"config": {
"config": {
"name": "TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220 IXR-D3.lag1e12e13.3",
"node": "ls2-leaf-1",
"interface": "lag1e12e13",
"encap": {
"type": 1,
"dot1q": 3
},
"ips": [
"14.14.14.1/24"
]
},
"peer": {
"config": {
"node": "sim-0",
"interface": "lag-lag1e12e13",
"encap": {
"type": 1,
"dot1q": 3
}
},
"state": {
"vsim": "vsim-14",
"interfaces": [
"itf-14",
"itf-18"
]
},
"protocols": {}
}
}
}
}
}
},
"type": 2
}
}
Creating a fully-qualified workload intent
To complete a deployment on the Digital Sandbox, the IP configuration and protocol definition of the peer is needed. This can only be created in the Digital Sandbox using a fully-qualified workload intent. There is no equivalent in the Fabric Services System GUI.
The following CLI command is used to create a fully-qualified workload intent. A fully-qualified-workload has the same sections and subsections as the active-workload, but also includes the IP configuration and protocol definition of the peer.
dsctl intent create fully-qualified -i <name> -n <workload-name> -f <file>
Example:
The following will create a fully-qualified workload intent. In this example, note that an 'ips' section is now included in the peer subsection.
dsctl intent create fully-qualified-workload -i star -n fqw1 -f /tmp/fqw1
where the file /tmp/fqw1 contains the following:
{
"meta": {
"intent": "star",
"id": "fqw1",
"name": "w-1c3qxz79ccypf82f",
"version": 1,
"uid": "ujc2zn8i5e1kvh47"
},
"config": {
"subnets": {
"Rt1": {
"identifier": {
"id": "352859941238734848",
"name": "Rt1"
},
"vrf_type": 2,
"interfaces": {
"TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220 IXR-D3.lag1e12e13.3": {
"config": {
"config": {
"name": "TestWorkloadwithLag.LagLs2.LagLs2_gatenet_fabric.ls2-leaf-1-7220 IXR-D3.lag1e12e13.3",
"node": "ls2-leaf-1",
"interface": "lag1e12e13",
"encap": {
"type": 1,
"dot1q": 3
},
"ips": [
"14.14.14.1/24"
]
},
"peer": {
"config": {
"node": "sim-0",
"interface": "lag-lag1e12e13",
"encap": {
"type": 1,
"dot1q": 3
},
"ips": [
"14.14.14.76/24"
]
},
"state": {
"vsim": "vsim-14",
"interfaces": [
"itf-14",
"itf-18"
]
},
"protocols": {}
}
}
}
}
}
},
"type": 2
}
}