TASK 05: Incremental provisioning of new service¶
In this task, we will add additional service into our fabric – VRF blue. This will include configuration of VRF and L2/ L3 VNI vlans along with associated SVI interfaces. As a result, we will create new service which will be able to communicate across our fabric.
As you could notice in previous task, we had configuration of VRF blue commented out. Therefore, we must go to our overlay_db and uncomment VRF blue configuration.
(ansible) ansible@iol-ansible:~/cat9k-evpn-ansible/dag$ cat group_vars/overlay_db.yml
You have to uncomment VRF blue configuration in following sections – vrfs, vlans and svis. Please, make sure that you will keep proper spacing and indentation between the lines. Also, please do not forget to save file after the changes are performed (CTRL + S).
Note
To uncomment lines in VSCode, you can select commented lines with configuration and press CTRL + /. You may find also this options under Edit -> Toggle Line Comment.
In the next step, we will specify in the create variables that we want to provision only VRF blue and that we want to updated our access interfaces with VRF blue VLANs as well. Location for create variables can be found below.
(ansible) ansible@iol-ansible:~/cat9k-evpn-ansible/dag$ cat group_vars/create_vars.yml
After this step, we can preview our configuration which we are going to apply on our devices. To generate our configuration preview, we can run ansible playbook below.
(ansible) ansible@iol-ansible:~/cat9k-evpn-ansible/dag$ ansible-playbook -i inventory.yml playbook_overlay_incremental_preview.yml
This playbook also created files in the preview_files folder, but with -inc suffix. Please, note that we will provision only configuration relate to VRF blue only. Feel free to take your time to examine content in the folder.
(ansible) ansible@iol-ansible:~/cat9k-evpn-ansible/dag$ ls preview_files/ | grep inc
Leaf-01-inc.txt
Leaf-02-inc.txt
Spine-01-inc.txt
Spine-02-inc.txt
Once we are happy with the configuration, we can commit the changes on devices. To commit the changes, you can run ansible playbook below.
(ansible) ansible@iol-ansible:~/cat9k-evpn-ansible/dag$ ansible-playbook -i inventory.yml playbook_overlay_incremental_commit.yml
After this step, new VRF blue was provisioned on devices. Lets take a closer look on the Leaf-01 control plane. As you can see below, VRF blue was created along with L2 VNI SVIs - Vlan 201 (VNI 10201) and Vlan 202 (VNI 10202) and L3 VNI SVI - Vlan 902 (VNI 50902). Also, Leaf-01 was able to discover NVE peer 172.16.254.4 - Leaf-02 for this new VNIs.
1Leaf-01#show vrf
2Name Default RD Protocols Interfaces
3blue 2:2 ipv4,ipv6 Vl201
4 Vl202
5 Vl902
6 Lo12
7green 1:1 ipv4,ipv6 Vl101
8 Vl102
9 Vl901
10 Lo11
11mgmt <not set> ipv4 Et1/3
12
13Leaf-01#show nve peers
14'M' - MAC entry download flag 'A' - Adjacency download flag
15'4' - IPv4 flag '6' - IPv6 flag
16
17Interface VNI Type Peer-IP RMAC/Num_RTs eVNI state flags UP time
18nve1 50901 L3CP 172.16.254.4 aabb.cc80.0400 50901 UP A/-/4 01:40:30
19nve1 50902 L3CP 172.16.254.4 aabb.cc80.0400 50902 UP A/M/4 00:02:12
20nve1 10101 L2CP 172.16.254.4 5 10101 UP N/A 01:40:30
21nve1 10102 L2CP 172.16.254.4 6 10102 UP N/A 01:40:30
22nve1 10201 L2CP 172.16.254.4 3 10201 UP N/A 00:02:14
23nve1 10202 L2CP 172.16.254.4 4 10202 UP N/A 00:02:14