VagrantによるVXLAN設定環境一発構築

#はじめに
クラウド環境にて使われるVXLANについて、公式のgitを元に環境構築してみました。
しかし、MacOSやWindowsで構築できなかったり、手順が不足しているようでしたので本記に載せておきます。

参考 (https://github.com/Juniper/vqfx10k-vagrant)

  10.10.1.10 10.10.2.10      10.10.1.20 10.10.2.20
  ========= =========        ========= =========
  | srv11 | | srv12 |        | srv21 | | srv22 |
  ========= =========        ========= =========
    eth1 |   | eth1            eth1 |   | eth1
xe-0/0/1 |   | xe-0/0/2    xe-0/0/1 |   | xe-0/0/2
  =============               =============
  |           | ------------- |           |
  | vqfx1-re  |    xe-0/0/0   | vqfx2-re  |
  |           |               |           |
  =============               =============
      em1|                        em1|
  =============               =============
  | vqfx1-pfe |               | vqfx1-pfe |
  =============               =============

#前提条件
私が構築した時の環境です
OS:Ubuntu18.04 (CentOSでもいけると思いますが、未実施です)

※MacOSですとpythonモジュールエラーでansibleが動きませんでした。

#環境構築

まずは必要なものをインストール

sudo su -
mkdir vagrant

apt install git python-pip vagrant ansible virtualbox -y

pip install junos-eznc
pip install jxmlease 

ansible-galaxy install Juniper.junos

git cloneで資材を持ってきます

cd vagrant
git clone https://github.com/Juniper/vqfx10k-vagrant.git
cd vqfx10k-vagrant/full-2qfx-4srv-evpnvxlan

下記デプロイ開始したらしばらく待ちましょう

vagrant up

#結果

vqfxはこんな感じ

vagrant@vqfx1> show configuration | display set 
set version 17.4R1.16
set system host-name vqfx1
set system root-authentication encrypted-password "$1$fv3Ke4LT$10nlsy3SEJy5ainm.kPTd."
set system root-authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system login user vagrant uid 2000
set system login user vagrant class super-user
set system login user vagrant authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system services ssh root-login allow
set system services netconf ssh
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system extensions providers juniper license-type juniper deployment-scope commercial
set system extensions providers chef license-type juniper deployment-scope commercial
set interfaces xe-0/0/0 description "connect 2 vqfx2"
set interfaces xe-0/0/0 unit 0 family inet address 10.0.0.1/30
set interfaces xe-0/0/1 description server11
set interfaces xe-0/0/1 unit 0 family ethernet-switching vlan members 100
set interfaces xe-0/0/2 description server12
set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members 200
set interfaces em0 unit 0 family inet dhcp
set interfaces em1 unit 0 family inet address 169.254.0.2/24
set interfaces irb unit 10000 proxy-macip-advertisement
set interfaces irb unit 10000 virtual-gateway-accept-data
set interfaces irb unit 10000 description irb_vxlan_10000
set interfaces irb unit 10000 family inet address 10.10.1.251/24 virtual-gateway-address 10.10.1.254
set interfaces irb unit 10000 virtual-gateway-v4-mac 00:01:94:00:01:01
set interfaces irb unit 20000 proxy-macip-advertisement
set interfaces irb unit 20000 virtual-gateway-accept-data
set interfaces irb unit 20000 description irb_vxlan_20000
set interfaces irb unit 20000 family inet address 10.10.2.251/24 virtual-gateway-address 10.10.2.254
set interfaces irb unit 20000 virtual-gateway-v4-mac 00:01:94:00:01:02
set interfaces lo0 description "vxlan source"
set interfaces lo0 unit 0 family inet address 9.9.9.1/32
set routing-options router-id 9.9.9.1
set routing-options autonomous-system 64500
set protocols bgp group evpn_overlay type internal
set protocols bgp group evpn_overlay local-address 9.9.9.1
set protocols bgp group evpn_overlay family evpn signaling
set protocols bgp group evpn_overlay neighbor 9.9.9.2
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn default-gateway no-gateway-community
set protocols evpn extended-vni-list all
set protocols lldp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 9991:1
set switch-options vrf-target target:64500:9991
set switch-options vrf-target auto
set vlans default vlan-id 1
set vlans servers100 vlan-id 100
set vlans servers100 l3-interface irb.10000
set vlans servers100 vxlan vni 10000
set vlans servers100 vxlan ingress-node-replication
set vlans servers200 vlan-id 200
set vlans servers200 l3-interface irb.20000
set vlans servers200 vxlan vni 20000
set vlans servers200 vxlan ingress-node-replication

{master:0}
vagrant@vqfx1> 

動作確認は後日実施します。

以上