Open abessiari opened 1 week ago
@xi-yang
I opened this here to track it
@xi-yang
So adding a fabric node triggers peering the l3vpn fabric network with an auxiliary fabric l3vpn network ... So it looks like fabric gets involved, and here is a summary of what al2s is showing: three connections, GCP, AWS and FABRIC. I guess this last one is the one you are looking for. The code did not change .... I will paste the fab config below and check it in at some point ....
```json
{
  "type": "l3conn",
  "tag": 543,
  "authState": "LIVE",
  "provState": "PROVISIONED",
  "name": "Google Cloud Platform",
  "id": "700fd1cd-c849-4c8c-9557-843fe76ddcd6",
  "router": "15ad1546-5078-411d-914f-8f71e44c373c",
  "interface": "dbf23608-13e3-42d1-891b-438bd30d0a44"
}
{
  "type": "l3conn",
  "tag": 2934,
  "authState": "LIVE",
  "provState": "PROVISIONED",
  "name": "AWS",
  "id": "7feb12d8-c329-4956-8e54-12e51e95a490",
  "router": "15ad1546-5078-411d-914f-8f71e44c373c",
  "interface": "fc6bfbf1-0ef7-4ee3-a1b1-be300aac27cd"
}
{
  "type": "l3conn",
  "tag": 3531,
  "authState": "LIVE",
  "provState": "PROVISIONED",
  "name": "FABRIC",
  "id": "c9e25d6c-a83f-4e6e-869d-73cd621beb66",
  "router": "15ad1546-5078-411d-914f-8f71e44c373c",
  "interface": "85ecc508-489f-458c-bde5-a359f2f0d28c"
}
```
Here is the config. I added a fabric node and fabric layer 3.
```yaml
provider:
  - gcp:
      - gcp_provider:
          - credential_file: ~/.fabfed/fabfed_credentials.yml
            profile: gcp
  - aws:
      - aws_provider:
          - credential_file: ~/.fabfed/fabfed_credentials.yml
            profile: aws
  - fabric:
      - fabric_provider:
          credential_file: ~/.fabfed/fabfed_credentials.yml
          profile: fabric
config:
  - layer3:
      - gcp_layer:
          subnet: 10.200.1.0/24 # subnet.cidr and vpc.cidr
      - aws_layer:
          subnet: 10.0.1.0/24 # 10.200.1.0/24 # subnet.cidr and vpc.cidr
      - fab_layer:
          subnet: 192.168.10.0/24
          gateway: 192.168.10.1
          ip_start: 192.168.10.2
          ip_end: 192.168.10.254
  - peering:
      - gcp_peering:
          # FOR GCP
          cloud_region: "us-east4"
          cloud_vpc: "vpc-69acc1d9-8c24-47cd-90b8-33be57167dbf"
          # cloud_vlan:
          # FOR GCP AND FABRIC.
          # local_asn: 55038 # customer_asn
          remote_asn: 16550 # google_asn
          # FOR FABRIC
          local_address: "192.168.1.1/30" # customer_ip
          remote_address: "192.168.1.2/30" # google_ip
      - aws_peering:
          cloud_account: "296256999979"
          cloud_vpc: "vpc-0936b973cf039f794"
          cloud_region: "us-east-1"
          # cloud_vlan:
          remote_asn: 64512 # amazon_asn
          local_asn: 55038 # customer_asn
          local_address: "192.168.1.1/30" # customer_ip
          remote_address: "192.168.1.2/30" # amazon_ip
resource:
  - network:
      - gcp_net:
          provider: '{{ gcp.gcp_provider }}'
          name: gcp-net
          layer3: "{{ layer3.gcp_layer }}"
          peering: "{{ peering.gcp_peering }}"
      - fabric_network:
          provider: '{{ fabric.fabric_provider }}'
          peering: [ "{{ peering.gcp_peering }}", "{{ peering.aws_peering }}" ]
          layer3: "{{ layer3.fab_layer }}"
          stitch_with:
            - network: '{{ network.gcp_net }}'
              stitch_option:
                group_name: GCP
            - network: '{{ network.aws_net }}'
              stitch_option:
                device_name: agg3.ashb
      - aws_net:
          provider: '{{ aws.aws_provider }}'
          layer3: "{{ layer3.aws_layer }}"
          peering: "{{ peering.aws_peering }}"
  - node:
      - fabric_node:
          provider: '{{ fabric.fabric_provider }}'
          site: MAX
          image: default_rocky_8
          network: '{{ network.fabric_network }}'
          count: 1
          nic_model: NIC_Basic
```
@xi-yang So sense-gcp-aws-fabric works. No code changes. We just need to specify two sense providers and it is pretty much like the native version ... I will check in the full config. But here is the no-node version.
Note the two sense providers, one for aws and one for gcp.
```yaml
provider:
  - sense:
      - gcp_provider:
          - credential_file: ~/.fabfed/fabfed_credentials.yml
            profile: sense
      - aws_provider:
          - credential_file: ~/.fabfed/fabfed_credentials.yml
            profile: sense
  - fabric:
      - fabric_provider:
          credential_file: ~/.fabfed/fabfed_credentials.yml
          profile: fabric
config:
  - layer3:
      - gcp_layer:
          subnet: 10.200.1.0/24 # subnet.cidr and vpc.cidr
      - aws_layer:
          subnet: 10.200.2.0/24 # subnet.cidr and vpc.cidr
  - peering:
      - gcp_peering:
          local_asn: "55038"
          local_address: "192.168.1.1/30"
          remote_asn: "16550"
          remote_address: "192.168.1.2/30"
      - aws_peering:
          cloud_account: "296256999979"
          cloud_region: "us-east-1"
          local_asn: "55038"
          local_address: "192.168.1.1/30"
          remote_asn: "64512" # amazon_asn
          remote_address: "192.168.1.2/30" # amazon_ip
resource:
  - network:
      - gcp_net:
          provider: '{{ sense.gcp_provider }}'
          name: gcp-net
          layer3: "{{ layer3.gcp_layer }}"
          peering: "{{ peering.gcp_peering }}"
          profile: FABRIC-GCP-INTERCON
      - fabric_network:
          provider: '{{ fabric.fabric_provider }}'
          peering: [ "{{ peering.gcp_peering }}", "{{ peering.aws_peering }}" ]
          stitch_with:
            - network: '{{ network.gcp_net }}'
              stitch_option:
                group_name: GCP
            - network: '{{ network.aws_net }}'
              stitch_option:
                device_name: agg3.ashb
      - aws_net:
          provider: '{{ sense.aws_provider }}'
          layer3: "{{ layer3.aws_layer }}"
          peering: "{{ peering.aws_peering }}"
```
@xi-yang
FYI: I have checked in the new config for sense-gcp-aws under demos and modified the config for native-gcp-aws. They both include a fabric node.
As of now I am still seeing issues with the dataplane. But I am seeing FabricSlice StableOK, Sense CREATE READY ...
Looks like aws-gcp-native creates a direct cut-through cloud connection over AL2S without touching the FABRIC testbed, which is correct.
So two asks: