Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Build

SUMMARY Create and build a site-specific blueprint from your generic template. The blueprint contains site details such as the hardware to deploy and the resource pools to use.

Explanation of Procedure

In the build stage, you add site-specific details to your template to create a blueprint. While your template is generic and reusable across multiple data centers, a blueprint is specific to a given data center site.

The blueprint contains site-specific details for both your physical fabric and your virtual overlay networks.

In the blueprint, you assign IP addresses and other network resources like AS numbers, and you specify the actual hardware to use in your physical underlay network. You also create your overlay networks, as defined by routing zones and the virtual networks running in those zones. Since overlay networks are part of the blueprint, it’s expected that you’ll regularly change the virtual part of your blueprint as your overlay connectivity requirements change.

Create the Blueprint

  1. Select Blueprints in the left-nav bar to open the Blueprints page.
  2. Click Create Blueprint. The Create Blueprint window appears.
  3. Type in the Name you want to call this blueprint. The name should distinguish this data center site from your other data center sites (for example DC1-Fabric).
  4. Use the Template drop-down list to select the template you created earlier (for example, L2 Pod 2x2). Once you select a template, Apstra provides an Intent preview to help you visualize the data center fabric you are building.
  5. Click Create to save the blueprint.

    The new blueprint displays on the Blueprints page.

Build the Blueprint - Physical

This part of the blueprint covers the underlay network. It is at this stage that you specify the actual physical devices you want to use in your site. This portion of the blueprint also specifies the loopback IP address assignments, the IP address assignments for fabric ports, and the BGP AS numbers used for peering in both the underlay and overlay.

  1. On the Blueprints page, click the blueprint you want to build (for example, DC1-Fabric).

    The blueprint Dashboard page opens. Since you haven’t deployed your blueprint yet, the Dashboard page is empty.

  2. Click the Staged tab. This is where you stage your blueprint with site-specific details.

    The Staged page consists of a row of tabs at the top (Figure 1). Once you select a tab, the rest of the page is placed in context with that selection. By default, the Physical tab is selected.

    Figure 1: Blueprint - Staged Blueprint - Staged

    When the Physical tab is selected, the right-most pane shows various icons with color-coded warnings under the Build tab (Figure 2).

    Figure 2: Physical Build Physical Build

    Hover over each icon to see what each represents (from left to right):

    • Resources

    • Device Profiles

    • Devices

    • Configlets (not used in this use case).

    • Note:

      Configlets allow you to append Junos configuration statements to the configuration pushed by Apstra. A typical use is to add a custom login banner that warns the device is under Apstra management.

    When you select an icon, the area below the icons are placed in context with that selection. By default, the Resources icon is selected.

  3. With the Physical tab and Resources icon selected (Figure 3), specify the resource pools to use.

    As you progress through this step, the red warning icons turn green to indicate that you’ve successfully assigned the respective resource.

    Figure 3: Physical Build - Resources Physical Build - Resources
    Note:

    In the steps below, when you click the Update assignments icon, you might need to use the pagination chevrons to find your selection. Each page displays a maximum of 5 entries.

    1. Click the red warning icon to the left of ASNs - Spines to expand the selection and click the Update assignments icon in the expanded section.
    2. Select the DC1-ASN pool you created earlier and click the Save icon. This icon looks like a floppy computer disk.
    3. Click the red warning icon to the left of ASNs - Leafs to expand the selection and click the Update assignments icon in the expanded section.
    4. Select the DC1-ASN pool again and click the Save icon.
    5. Click the red warning icon to the left of Loopback IPs - Spines to expand the selection and click the Update assignments icon in the expanded section.
    6. Select the DC1-Loopback-IP pool you created earlier and click the Save icon.
    7. Click the red warning icon to the left of Loopback IPs - Leafs to expand the selection and click the Update assignments icon in the expanded section.
    8. Select the DC1-Loopback-IP pool again and click the Save icon.
    9. Click the red warning icon to the left of Link IPs - Spines<>Leafs to expand the selection and click the Update assignments icon in the expanded section.
    10. Select the DC1-Intra-Fabric-IP pool you created earlier and click the Save icon.

    At this time all the physical resource tab icons should be green to indicate successful resource assignments.

  4. Click the Device Profiles icon to select the device profiles to use (Figure 4).

    This is where you tell Apstra about the device hardware models and device OS versions you want to deploy. You do this by telling Apstra what interface maps you want to use for the logical devices in your template. Recall that the interface map associates a device profile (hardware model and allowed OS versions) to a logical device. By specifying the interface map, you’re selecting the device hardware model and allowed OS versions to use for the selected logical device.

    Figure 4: Physical Build - Device Profiles Physical Build - Device Profiles

    1. Click the red warning icon to the left of AOS-2x40 to expand the selection and click the Change interface maps assignments icon in the expanded section. The Update interface map for AOS-2x40 window appears.
    2. For both spine1 and spine2, use the drop-down lists to select Juniper_QFX10002-36Q____AOS-2x40. The drop-down lists shows all the defined interface maps for the AOS-2x40 logical device. In this use case, you created only one interface map for this logical device, so that’s the only selection available. By selecting this interface map, you’re indicating that you want to use the QFX10002-36Q switch for the spine devices in this fabric.
    3. Click Update Assignments.
    4. Click the red warning icon to the left of AOS-2x10+2x40 to expand the selection and click the Change interface maps assignments icon in the expanded section. The Update interface map for AOS-2x10+2x40 window appears.
    5. For both l2_1l2s_001_leaf1 and l2_1l2s_002_leaf1, use the drop-down lists to select Juniper_QFX5110-48S____AOS-2x10+2x40. The drop-down list shows all the defined interface maps for the AOS-2x10+2x40 logical device. In this use case, you created only one interface map for this logical device, so that’s the only selection available. By selecting this interface map, you’re indicating that you want to use the QFX5110-48S switch for the leaf devices in this fabric.
      Note:

      In the blueprint, the names of the leaf devices differ from the template. The main difference is that Apstra does not use the name you gave to the leaf device when you defined the rack. Instead, the format is <rack name>_<rack instance>_leaf<leaf instance> (see Table 1).

    6. Click Update Assignments.
    7. Click the red warning icon to the left of AOS-1x10-1 to expand the selection and click the Change interface maps assignments icon in the expanded section. The Update interface map for AOS-1x10-1 window appears.
    8. For all servers, use the drop-down lists to select Generic_Server_1RU_1x10G_Centos_AOS-1x10-1. Recall that you’re using the predefined AOS-1x10-1 logical device for your servers. This logical device has multiple predefined interface maps. The Generic_Server_1RU_1x10G_Centos_AOS-1x10-1 interface map associates a CentOS server to this device.
      Note:

      In the blueprint, the names of the servers differ from the template. The main difference is that Apstra does not use the name you gave to the server when you defined the rack. Instead, the format is <rack name>_<rack instance>_sys<server instance> (see Table 1).

    9. Click Update Assignments.
    10. (Optional) Click the Links tab to display the links that Apstra is creating based on your interface map assignments (Figure 5). Recall that the interface maps contain information on how the ports are used in your fabric. When you created the interface maps earlier, you specified that the leaf devices use ports et-0/0/48 and et-0/0/50 to connect to your spine devices, and your spine devices use ports et-0/0/34 and et-0/0/35 to connect to your leaf devices. Note that you did not specify which specific port connects to which specific port. Apstra makes those assignments automatically when you assign an interface map to a device.

      In this example, you can see that Apstra has assigned port et-0/0/48 on each leaf device to connect to the spine1 device. In like fashion Apstra has assigned port et-0/0/50 on each leaf device to connect to the spine2 device. These port assignments are purely arbitrary. The table also confirms the server to leaf attachments. For example, the xe-0/0/0 interface on Leaf1 attaches to the first BMS named "l2_1l2s_001_sys001".

      If you’ve already attached cables to your switches, then there’s a chance that these arbitrary port assignments do not match your actual wiring. Later in the Deploy stage, we’ll show you how you can override these assignments to match an existing cabling.

    As you progress through this step, the red warning icons turn green to indicate that you’ve successfully assigned the respective device profile.

  5. Click the Devices icon to assign the actual devices you want to use to your blueprint (Figure 6).

    These are the devices you specified when you created the device agents. Apstra only allows you to assign devices that match the interface maps you picked in the previous step. Once you assign a device, that device is no longer available for assignment in this blueprint or any other blueprint. In this way, Apstra prevents you from double booking a device by mistake.

    Figure 6: Physical Build - Devices Physical Build - Devices
    Note:

    You can defer this step if you haven’t installed your physical devices yet. You only need to assign devices when you are ready to deploy the blueprint. The ability to stage a data center deployment, before you have a data center to deploy to, is a key characteristic of the Apstra Fabric Conductor solution.

    1. Click the amber warning icon to the left of Assigned System IDs to expand the entry and click the Change System IDs assignments icon in the expanded section. The Assign Systems window appears.
    2. For spine1, use the drop-down list to select 10.123.162.1 and ensure you set the Deploy Mode to Deploy.
    3. For spine2, use the drop-down list to select 10.123.162.2 and ensure you set the Deploy Mode to Deploy.
    4. For l2_1l2s_001_leaf1, use the drop-down list to select 10.123.151.1 and set the Deploy Mode to Deploy.
    5. For l2_1l2s_002_leaf1, use the drop-down list to select 10.123.151.2 and set the Deploy Mode to Deploy.
    6. Click Update Assignments.
    7. (Optional) Click the Nodes tab to display the nodes that Apstra is creating based on your device assignments (Figure 7). You can see the device names, serial numbers, loopback IP addresses, AS numbers, and other information here. The table shown here is truncated to show only one of the four servers.
      Figure 7: Physical Nodes Table Physical Nodes Table
Note:

You don't need to update assignments for the servers when you're connecting the servers to a leaf device using layer 2. When you connect a server to a leaf device using layer 2, you manage the server outside of Apstra. Because the servers don't have an ID, the Assigned Systems IDs warning icon remains amber. You can safely ignore this warning.

At this point, Apstra has sufficient information to configure your underlay network. You can now proceed to define your overlay networks.

Build the Blueprint - Virtual

This part of the blueprint covers the overlay networks that run on top of the underlay. Recall from Figure 2 that you’ll be creating two routing zones (or VRFs), DC1-Green and DC1-Red. DC1-Green contains routes for subnets 192.168.100.0/24 and 192.168.101.0/24. DC1-Red contains routes for subnet 192.168.200.0/24. In Apstra, each subnet is represented by a virtual network, which you’ll configure as DC1-Green-VN1, DC1-Green-VN2, and DC1-Red-VN1.

Figure 8 shows these subnets in the context of the physical leaf devices and servers.

Figure 8: Virtual Networks and SubnetsVirtual Networks and Subnets

As in the design stage, Apstra automatically names devices in a particular format. This format allows you to determine the rack and the device types and instances solely from the name, but might be difficult to parse. Use Table 1 to correlate between the devices in the figure above with the device names that Apstra uses.

Table 1: Device Names

Device

Apstra Device Name

Leaf1

l2_1l2s_001_leaf1

Leaf2

l2_1l2s_002_leaf1

BMS1

l2_1l2s_001_sys001

BMS2

l2_1l2s_001_sys002

BMS3

l2_1l2s_002_sys001

BMS4

l2_1l2s_002_sys002

Note:

You can’t change the device names in Apstra, but you can change the hostname that Apstra configures on the device. Changing the hostname on the device is easy to do in Apstra but is outside the scope of this document.

  1. Click the Virtual tab. A new row of tabs appears immediately below: Virtual Networks, Routing Zones, Floating IPs , Static Routes, Protocol Sessions, Remote EVPN Gateways, Virtual Infra, and Endpoints.
  2. Create the DC1-Green routing zone (VRF).
    1. Select the Routing Zones tab.
    2. Click Create Routing Zone.

      The Create Routing Zone window appears.

    3. Enter a VRF Name (for example, DC1-Green) and click Create.
  3. Create the DC1-Red routing zone (VRF).
    1. Click Create Routing Zone.

      The Create Routing Zone window appears.

    2. Enter a VRF Name (for example, DC1-Red) and click Create.
  4. Select the resource pools for your routing zones.
    1. In the right-most pane ( Figure 9, click the red warning icon to the left of DC1-Green:Leaf Loopback IPs to expand the selection and click the Update assignments icon in the expanded section.
      Figure 9: Virtual Routing Zones - Build Virtual Routing Zones - Build
    2. Select the DC1-Green-Loopback IP pool and click the Save icon.
    3. Click the red warning icon to the left of DC1-Red:Leaf Loopback IPs to expand the selection and click the Update assignments icon in the expanded section.
    4. Select the DC1-Red-Loopback IP pool and click the Save icon.
    5. Click the red warning icon to the left of EVPN L3 VNIs to expand the selection and click the Update assignments icon in the expanded section.
    6. Select DC1-VNI and click the Save icon.

    As you progress through this step, the red warning icons turn green to indicate that you’ve successfully assigned the respective resources.

  5. Create the first DC1-Green virtual network.
    1. Click the Virtual Networks tab.
    2. Select Create Virtual Networks.

      The Create Virtual Network window appears.

    3. Complete the required fields (Table 2) and click Create.
      Table 2: Create Virtual Network - DC1-Green-VN1

      Parameter

      Description

      Setting in this Use Case

      Type

      VLAN for single-rack scope.

      VXLAN for fabric-wide scope.

      VXLAN

      Name

      The name you want to call this virtual network.

      DC1-Green-VN1

      Routing Zone

      The routing zone that this virtual network belongs to.

      DC1-Green

      Set same VLAN ID on all leafs?

      This setting determines if VLAN IDs have local or fabric-wide significance.

      Unchecked

      IPv4 Connectivity

      Specify whether to enable IPv4 capability on the switch interface. This setting creates an IRB interface on the switch and assigns the Virtual Gateway IPv4 address to the IRB interface.

      Enabled

      IPv4 Subnet

      The subnet for this virtual network.

      192.168.100.0/24

      Virtual Gateway IPv4

      The IP address of the gateway for this virtual network. Apstra assigns this IP address to the IRB interface on the switch.

      192.168.100.1

      Create Connectivity Templates for

      Indicate whether the virtual network uses VLAN tagging.

      If you want the server to connect to the virtual network using VLAN tagging, select Tagged. If you want the server to connect without VLAN tagging, select Untagged. If you want some servers to connect using VLAN tagging and others to connect without VLAN tagging, then select both Tagged and Untagged.

      If you don't select a template option when defining a virtual network, you must create the connectivity templates manually.

      Untagged

      Assigned To

      Select the leaf switches that are part of this virtual network.

      From Figure 8, both Leaf1 and Leaf2 are part of the DC1-Green-VN1 virtual network.

      l2_1l2s_001_leaf1

      l2_1l2s_002_leaf1

  6. Create the second DC1-Green virtual network.
    1. Select Create Virtual Networks.

      The Create Virtual Network window appears.

    2. Complete the required fields (Table 3) and click Create.
      Table 3: Create Virtual Network - DC1-Green-VN2

      Parameter

      Description

      Setting in this Use Case

      Type

      VLAN for single-rack scope.

      VXLAN for fabric-wide scope.

      VXLAN

      Name

      The name you want to call this virtual network.

      DC1-Green-VN2

      Routing Zone

      The routing zone that this virtual network belongs to.

      DC1-Green

      Set same VLAN ID on all leafs?

      This setting determines if VLAN IDs have local or fabric-wide significance.

      Unchecked/Default

      IPv4 Connectivity

      Specify whether to enable IPv4 capability on the switch interface. This setting creates an IRB interface on the switch and assigns the Virtual Gateway IPv4 address to the interface.

      Enabled

      IPv4 Subnet

      The subnet for this virtual network.

      192.168.101.0/24

      Virtual Gateway IPv4

      The IP address of the gateway for this virtual network. Apstra assigns this IP address to the IRB interface on the switch.

      192.168.101.1

      Create Connectivity Templates for

      Indicate whether the virtual network uses VLAN tagging.

      If you want the server to connect to the virtual network using VLAN tagging, select Tagged. If you want the server to connect without VLAN tagging, select Untagged.

      If you don't select a template option when defining the virtual network you must create the connectivity templates manually.

      Untagged

      Assigned To

      Select the leaf switches that are part of this virtual network.

      From Figure 8, only Leaf1 is part of the DC1-Green-VN2 virtual network.

      l2_1l2s_001_leaf1

  7. Select the resource pools to use for your virtual networks.
    1. In the right-most pane (Figure 10), click the red warning icon to the left of VNI Virtual Network IDs to expand the selection and click the Update assignments icon in the expanded section.
      Figure 10: Virtual Networks - Build Virtual Networks - Build
    2. Select DC1-VNI and click the Save icon.
  8. Configure the server-facing ports on the leaf device for the first DC1-Green virtual network.
    1. Click the Connectivity Templates tab to open the Connectivity Templates page.
    2. Click the Assign icon (it looks like a chain) for the DC1-Green-VN1 network. The Assign Untagged VxLAN 'DC1-Green-VN1' window opens.
    3. Select the leaf devices and ports associated with this virtual network. In this example the first DC1-Green virtual network is associated with the xe-0/0/0 interfaces on both leaf devices. Select the xe-0/0/0 interface on both leaf devices and click Assign. The Status column turns green and indicates the first DC1-Green virtual network has two endpoints.
  9. Configure the server-facing ports on the leaf device for the second DC1-Green virtual network.
    1. While still on the Connectivity Templates tab, click the Assign icon for the DC1-Green-VN2 network. The Assign Untagged VxLAN 'DC2-Green-VN2' window opens.
    2. Select the leaf devices and ports associated with this virtual network. In this example the second DC1-Green virtual network is associated with the xe-0/0/1 interface on the Leaf1 (l2_1l2s_001_leaf1) device. Select the xe-0/0/1 interface and click Assign. The Status column turns green and indicates the second DC1-Green virtual network has one endpoint.
  10. Confirm connectivity for the DC1-Green virtual networks.
    1. Click the Virtual Networks tab.
    2. In the virtual networks table, click DC1-Green-VN1.
    3. Scroll down to Endpoints>Ports View. This section shows a virtual network topology and port pictogram of both leaf devices (Figure 11), showing how the DC1-Green-VN1 virtual network is connected. The display confirms that the DC1-Green virtual network is associated with the first server (sys001) on both leaf devices.
      Figure 11: DC1-Green-VN1 Preview DC1-Green-VN1 Preview
    4. Scroll down to the Port Maps: section. The port pictogram (Figure 12) confirms that port 1 is assigned to the DC1-Green-VN1 virtual network on both leaf devices, and that the port is untagged. Recall you defined this virtual network as being untagged in the Connectivity Template in a previous step. Click on port 1 in the port pictogram to confirm this is the xe-0/0/0 interface on both leaf devices.
      Figure 12: DC1-Green-VN1 Port Assignments DC1-Green-VN1 Port Assignments
    5. Repeat this step for the DC1-Green-VN2 network. The topology confirms the secondDC1- Green virtual network attaches to Leaf1 only. The Port Map confirms this VN is untagged and maps to the xe-0/0/1 interface on Leaf1.
  11. Create the DC1-Red-VN1 virtual network.
    1. Scroll back up and click the Virtual Networks tab.
    2. Select Create Virtual Networks.

      The Create Virtual Network window appears.

    3. Complete the required fields (Table 4) and click Create.
      Table 4: Create Virtual Network - DC1-Red-VN1

      Parameter

      Description

      Setting in this Use Case

      Type

      VLAN for single-rack scope.

      VXLAN for fabric-wide scope.

      VXLAN

      Name

      The name you want to call this virtual network.

      DC1-Red-VN1

      Routing Zone

      The routing zone that this virtual network belongs to.

      DC1-Red

      Set same VLAN ID on all leafs?

      This setting determines if VLAN IDs have local or fabric-wide significance.

      Unchecked

      IPv4 Connectivity

      Specify whether to enable IPv4 capability on the switch interface. This setting creates an IRB interface on the switch and assigns the Virtual Gateway IPv4 address to the interface.

      Enabled

      IPv4 Subnet

      The subnet for this virtual network.

      192.168.200.0/24

      Virtual Gateway IPv4

      The IP address of the gateway for this virtual network. Apstra assigns this IP address to the IRB interface on the switch.

      192.168.200.1

      Create Connectivity Templates for

      Indicate whether the virtual network uses VLAN tagging.

      If you want the server to connect to the virtual network using VLAN tagging, select Tagged. If you want the server to connect without VLAN tagging, select Untagged.

      If you don't select a template option when defining the virtual network you must create the connectivity templates manually.

      Untagged

      Assigned To

      Select the leaf switches that are part of this virtual network.

      From Figure 8, only Leaf2 is part of the DC1-Red-VN1 virtual network.

      l2_1l2s_002_leaf1

  12. Configure the server-facing ports on the leaf device for the DC1-Red virtual network.
    1. Click Connectivity Templates tab to open the Connectivity Templates page.
    2. Click the Assign icon (it looks like a chain) for the DC1-Red-VN1 network. The Assign Untagged VxLAN 'DC1-Red' page opens.
    3. Select the leaf devices and ports associated with this virtual network. In this example the DC1-Red virtual network is associated with the xe-0/0/1 interface on the Leaf2 (l2_1l2s_002_leaf1) device. Select the xe-0/0/1 interface on Leaf2 and click Assign. The Status column turns green and indicates the DC1-Red virtual network has a single endpoint.
  13. Confirm connectivity for the DC1-Red-VN1 virtual network.
    1. Click the Virtual Networks tab.
    2. In the virtual networks table, click DC1-Red-VN1.
    3. Scroll down to Endpoints>Ports View. This section shows a virtual network topology and port pictogram of both leaf devices (Figure 13) showing how the DC1-Red-VN1 virtual network is connected. The display confirms that the DC1-Red-VN1 virtual network is associated with the second server (sys002) on the on the Leaf2 (l2_1l2s_002_leaf1) device.
      Figure 13: DC1-Red-VN1 Preview DC1-Red-VN1 Preview
    4. Scroll down to the Port Maps: section. The pictogram (Figure 14) confirms that port 2 is assigned to the DC1-Red-VN1 virtual network on Leaf2, and that the port is untagged. Recall you defined this virtual network as being untagged in the Connectivity Template in a previous step. Click on port 2 in the pictogram to confirm this is the xe-0/0/1 interface on Leaf2.
      Figure 14: DC1-Red-VN1 Port Assignment DC1-Red-VN1 Port Assignment
  14. Double check your virtual networks.
    1. Scroll back up and click the Virtual Networks tab.
    2. In the virtual networks table, check that the Routing Zone, Assigned to, and IPv4 Subnet settings are as shown in Figure 15 .
      Figure 15: Virtual Networks Virtual Networks
    3. Correct any mistakes before going to the Deploy stage.

You’ve now finished creating and building your site-specific blueprint. You’re ready to deploy a new data center network.