Campus Network as a Service
Service definitions
Objective
Make it easier to define network-wide services. Services should be defined globally and not per device.
Current system (2020-09)
VXLANs are defined as a global network-wide service, but routing is configured per device. All VXLANs are defined in a single file under settings: global/
Interfaces are configured per device or per device model
System settings like NTP server, DNS servers etc can be configured globally but also get overridden by device-specific settings
Observed problems
- When adding static routing with the nexthop set to a VXLAN interface, you have to touch several different settings files. First adding the VXLAN under settings: global/ and then adding a static route under each individual device that will have that VXLAN configured on it via settings: device/<hostname>
- Hard to get an overview of vxlans.yml when there are lots of VXLANs defined?
Possible solutions for problem #1
- Add new optional fields under VXLAN definition where you can add static routing that is associated with this specific VXLAN, and that will be applied to all devices with the VXLAN
- Add a new global service for static routing where you can choose to apply the same route definition to multiple devices. This probably also requires that you define that this route depends on another service (the VXLAN where the next-hop lives) and that the route should only be configured if that dependency exists on the device.
How will device-specific and VXLAN specific routes be merged? Device-specific overrides if destination is exactly the same?
How will the user know which routes comes from which place after settings was merged? settings_origin can only be set per top-level key today
Possible solution for problem #2
- Add a new directory under settings: global/ called services/ where the users can create as many files as they want, and define settings for different services in different files
This requires merging of sub-keys within multiple top-level key with the same name, but maybe ok since it's all in global? Expected behavior is just override for device-specific over global etc, not override global/ with global/services/
How will the user know which file to look in if it's all free form text defined by other users? External documentation, "git grep", external tool etc?
Future services
How will this affect future services? Today vxlans is the only service, but when adding more services maybe service-chaining or dependencies will make more sense?
List of future services:
- BGP internet peering: Define neighboring AS and IXes, get nexthop, AS-path filter, prefix limits etc from peeringDB
- L3VPN: How to define PE-CPE routing? Next-hop etc will be different per device