Building a VXLAN configuration environment in one shot with Vagrant

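Introduction

I built an environment for VXLAN, which is used in cloud environments, based on the official git repository.
However, it could not be built on macOS or Windows, and some steps seemed to be missing, so I am recording them in this article.

Reference (https://github.com/Juniper/vqfx10k-vagrant)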

  10.10.1.10 10.10.2.10      10.10.1.20 10.10.2.20
  ========= =========        ========= =========
  | srv11 | | srv12 |        | srv21 | | srv22 |
  ========= =========        ========= =========
    eth1 |   | eth1            eth1 |   | eth1
xe-0/0/1 |   | xe-0/0/2    xe-0/0/1 |   | xe-0/0/2
  =============               =============
  |           | ------------- |           |
  | vqfx1-re  |    xe-0/0/0   | vqfx2-re  |
  |           |               |           |
  =============               =============
      em1|                        em1|
  =============               =============
  | vqfx1-pfe |               | vqfx2-pfe |
  =============               =============

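Prerequisites

This is the environment I built it on.
OS: Ubuntu 18.04 (I think CentOS would work too, but I have not tried it)

* On macOS, Ansible did not run because of a Python module error.

Environment setup

First, install what is needed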

sudo su -
mkdir vagrant
apt install git python-pip vagrant ansible virtualbox -y
pip install junos-eznc
pip install jxmlease 
ansible-galaxy install Juniper.junos

Fetch the materials with git clone

cd vagrant
git clone https://github.com/Juniper/vqfx10k-vagrant.git
cd vqfx10k-vagrant/full-2qfx-4srv-evpnvxlan

Once the deployment below has started, wait a while

vagrant up

Result

The vqfx looks like this

vagrant@vqfx1> show configuration | display set 
set version 17.4R1.16
set system host-name vqfx1
set system root-authentication encrypted-password "$1$fv3Ke4LT$10nlsy3SEJy5ainm.kPTd."
set system root-authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system login user vagrant uid 2000
set system login user vagrant class super-user
set system login user vagrant authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system services ssh root-login allow
set system services netconf ssh
set system syslog user * any emergency
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system extensions providers juniper license-type juniper deployment-scope commercial
set system extensions providers chef license-type juniper deployment-scope commercial
set interfaces xe-0/0/0 description "connect 2 vqfx2"
set interfaces xe-0/0/0 unit 0 family inet address 10.0.0.1/30
set interfaces xe-0/0/1 description server11
set interfaces xe-0/0/1 unit 0 family ethernet-switching vlan members 100
set interfaces xe-0/0/2 description server12
set interfaces xe-0/0/2 unit 0 family ethernet-switching vlan members 200
set interfaces em0 unit 0 family inet dhcp
set interfaces em1 unit 0 family inet address 169.254.0.2/24
set interfaces irb unit 10000 proxy-macip-advertisement
set interfaces irb unit 10000 virtual-gateway-accept-data
set interfaces irb unit 10000 description irb_vxlan_10000
set interfaces irb unit 10000 family inet address 10.10.1.251/24 virtual-gateway-address 10.10.1.254
set interfaces irb unit 10000 virtual-gateway-v4-mac 00:01:94:00:01:01
set interfaces irb unit 20000 proxy-macip-advertisement
set interfaces irb unit 20000 virtual-gateway-accept-data
set interfaces irb unit 20000 description irb_vxlan_20000
set interfaces irb unit 20000 family inet address 10.10.2.251/24 virtual-gateway-address 10.10.2.254
set interfaces irb unit 20000 virtual-gateway-v4-mac 00:01:94:00:01:02
set interfaces lo0 description "vxlan source"
set interfaces lo0 unit 0 family inet address 9.9.9.1/32
set routing-options router-id 9.9.9.1
set routing-options autonomous-system 64500
set protocols bgp group evpn_overlay type internal
set protocols bgp group evpn_overlay local-address 9.9.9.1
set protocols bgp group evpn_overlay family evpn signaling
set protocols bgp group evpn_overlay neighbor 9.9.9.2
set protocols ospf area 0.0.0.0 interface lo0.0 passive
set protocols ospf area 0.0.0.0 interface xe-0/0/0.0
set protocols evpn encapsulation vxlan
set protocols evpn multicast-mode ingress-replication
set protocols evpn default-gateway no-gateway-community
set protocols evpn extended-vni-list all
set protocols lldp interface all
set switch-options vtep-source-interface lo0.0
set switch-options route-distinguisher 9991:1
set switch-options vrf-target target:64500:9991
set switch-options vrf-target auto
set vlans default vlan-id 1
set vlans servers100 vlan-id 100
set vlans servers100 l3-interface irb.10000
set vlans servers100 vxlan vni 10000
set vlans servers100 vxlan ingress-node-replication
set vlans servers200 vlan-id 200
set vlans servers200 l3-interface irb.20000
set vlans servers200 vxlan vni 20000
set vlans servers200 vxlan ingress-node-replication

{master:0}
vagrant@vqfx1> 
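The dump above authorizes the key labelled "vagrant insecure public key" for root and for the super-user vagrant account, sets `ssh root-login allow`, stores the root password as a `$1$` (MD5-crypt) hash, and shows no `authentication-key` on the BGP group. The following check for those lab defaults is an added example, not code from the original article or the Juniper repository. The function name `audit`, the finding labels and the sample lines are constructed for illustration, and the BGP test only recognizes a group-level `authentication-key` statement.

```python
import re

# Constructed sample in the shape of the "display set" output above;
# key and hash material are placeholders, not values from the page.
SAMPLE = """\
set system root-authentication encrypted-password "$1$PLACEHOLDER$PLACEHOLDER"
set system root-authentication ssh-rsa "ssh-rsa AAAA-PLACEHOLDER vagrant insecure public key"
set system login user vagrant class super-user
set system login user vagrant authentication ssh-rsa "ssh-rsa AAAA-PLACEHOLDER vagrant insecure public key"
set system services ssh root-login allow
set protocols bgp group evpn_overlay type internal
set protocols bgp group evpn_overlay neighbor 9.9.9.2
"""

# Finding name (hypothetical label) -> (pattern, reason it is flagged).
LINE_RULES = {
    "insecure-vagrant-key": (re.compile(r'ssh-rsa ".*vagrant insecure public key"'),
                             "publicly known Vagrant key authorized for login"),
    "root-ssh-login": (re.compile(r"^set system services ssh root-login allow$"),
                       "root can log in directly over SSH"),
    "md5-crypt-hash": (re.compile(r'encrypted-password "\$1\$'),
                       "password stored as MD5-crypt ($1$)"),
}

def audit(config_text):
    """Return sorted (finding, statement-or-group) pairs for a set-style config."""
    lines = [l.strip() for l in config_text.splitlines()]
    lines = [l for l in lines if l.startswith("set ")]
    findings = set()
    for line in lines:
        for name, (pattern, _reason) in LINE_RULES.items():
            if pattern.search(line):
                # Report the statement path only, never the key or hash itself.
                findings.add((name, line.split('"')[0].strip()))
    # Simplification: only a group-level authentication-key counts as BGP auth.
    groups = {m.group(1) for m in
              (re.match(r"set protocols bgp group (\S+) ", l) for l in lines) if m}
    for group in groups:
        prefix = f"set protocols bgp group {group} authentication-key "
        if not any(l.startswith(prefix) for l in lines):
            findings.add(("bgp-no-auth", group))
    return sorted(findings)

if __name__ == "__main__":
    for name, where in audit(SAMPLE):
        reason = LINE_RULES.get(name, (None, "no authentication-key on BGP group"))[1]
        print(f"{name:22} {where}  # {reason}")
```

To run it against a real device, save the output of `show configuration | display set` to a file and pass its contents to `audit`.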

I will verify that the environment works at a later date.

That's all.