Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     

    Related Documentation

     

    Example: Creating and Activating a NaaS Service Request

    This example shows how to create a Network as a Service (NaaS) service request for a tenant in a multitier application network managed by the Juniper Networks Network Director application. A multitier application network contains logical entities or tier groups that are belong in different VLANs. In this example, there are three tier groups, each providing a specific function. The application tier group provides network applications support, the Web tier group provides Internet access, and the client tier group provides client support.

    The tier groups are typically connected to different physical compute servers and virtual machines (VMs). In turn, the servers and VMs are connected to devices (such as an MX router) that are managed by the Network Director. The NaaS service is provided to the servers and VMs through the revenue ports on the managed devices.

    Requirements

    This example uses the following hardware and software components:

    • Hardware components:
      • An MX Series router
      • A QFabric system
      • An SRX Series Services Gateway
      • Two compute servers and four VMs
    • Software components:
      • Junos Space Release 13.1P5
      • Network Director API Release 1.5
      • REST HTTP client software

    Before you begin to create the multitier application NaaS request, be sure that:

    • Network Director API Release 1.5 is installed and operating.
    • NaaS service is initialized (the physical network topology has been imported into the NaaS service repository and the NaaS domain is created).
    • Static configurations are pushed to network devices.

    Overview

    In this example, the multitier application network contains three tier groups. Each group belongs to a VLAN, and is connected to a physical server or a VM. To configure and manage a multitier application network using the Network Director API, you must send NaaS service requests to create resources for connectivity groups, Layer 2 and Layer 3 connectivity services, security policies, and security policy rules for the tier groups. Once the resources are created, you activate the NaaS services.

    Topology

    Figure 1 shows the topology of a multitier application network.

    Figure 1: Multitier Application Network Topology

    Multitier Application Network Topology

    This example uses the following physical components:

    • A QFabric system
    • An MX Series router
    • An SRX Series Services Gateway
    • Two physical servers
    • Four VMs (running on two other physical servers)

    This example uses the following logical components:

    • Web tier group
    • Client tier group
    • Application tier group

    Creating a Multitier Application NaaS Request

    From your REST HTTP client, perform the following tasks.

    Note: The IP address used in this example is that of the host server on which the Network Director API software is installed.

    Creating General Resources

    Step-by-Step Procedure

    This section describes the steps for creating general resources.

    1. Send a POST request to create a tenant resource (if one is not already created).
    2. Send a POST request to create a NaaS service request resource that represents the multitier application network:

    Creating the Connectivity Group and Port Resources

    Step-by-Step Procedure

    This section describes the steps for creating a connectivity group and port resources for each connectivity group.

    1. Send a POST request to create a ConnectivityGroup resource that corresponds to the Web tier group:
    2. Send a POST request to create a port resource for webTierGroup that represents the attachment point for the host VM of the Web tier group:
    3. Send a POST request to create a ConnectivityGroup resource for the client group:
    4. Send a POST request to create a port resource for clientGroup that represents the attachment point for the host server of the client group:
    5. Send a POST request to create a ConnectivityGroup resource for the application tier group:
    6. Send a POST request to create a port resource for appTierGroup that represents the attachment point for the host VM of the application tier group:

    Creating the Layer 2 and Layer 3 Connectivity Services

    Step-by-Step Procedure

    This section describes the steps for creating Layer 2 and Layer 3 connectivity services for each connectivity group.

    1. Send a POST request to create an L2ConnectivityService resource for the Web tier group:
    2. Send a POST request to create an L2ConnectivityService resource for the application tier group:
    3. Send a POST request to create an L2ConnectivityService resource for the client group:
    4. Create an L3ConnectivityService resource to provide routing among the Web tier, application tier, and client group VLAN subnets:

    Creating Security Policy and Security Policy Rule Resources

    Step-by-Step Procedure

    This section describes the steps for creating security policy and security policy rule resources for defining security rules for traffic sent to appTierGroup.

    1. Send a POST request to create a security policy resource:
    2. Create a security policy rule associated with the httpOnly security policy:

    Activating the NaaS Services

    Step-by-Step Procedure

    This section describes the steps for activating NaaS services.

    1. Send a PUT request:

    Verifying the NaaS Request

    Verifying That the NaaS Request Is Activated

    Purpose

    Action

    To verify that the NaaS services are activated:

    1. Send a GET request to see the current state of the NaaS services:

      The current state of the NaaS services should be activated.

     

    Related Documentation

     

    Published: 2013-10-16

    Previous Page Next Page