Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Example: Creating a Service Chain With the CLI

This section provides syntax and examples for creating service chaining objects for Contrail Controller.

CLI for Creating a Service Chain

All of the commands needed to create service chaining objects are located in /opt/contrail/utils.

CLI for Creating a Service Template

The following commands are used to create a service template:

./service-template.py add

[--svc_type {firewall, analyzer}]

[--image_name IMAGE_NAME]

template_name

./service-template.py del

template_name

CLI for Creating a Service Instance

The following commands are used to create a service instance:

./service-instance.py add

[--proj_name PROJ_NAME]

[--mgmt_vn MGMT_VN]

[--left_vn LEFT_VN]

[--right_vn RIGHT_VN]

instance_name

template_name

./service-instance.py del

[--proj_name PROJ_NAME]

instance_name

template_name

CLI for Creating a Service Policy

The following commands are used to create a service policy:

./service-policy.py add

--svc_list SVC_LIST [SVC_LIST ...]

--vn_list VN_LIST [VN_LIST ...]

[--proj_name PROJ_NAME]

policy_name

./service-policy.py del

[--proj_name PROJ_NAME]

policy_name

Example: Creating a Service Chain with VSRX and In-Network or Routed Mode

The following example creates a VSRX firewall service in a virtual network named test, using a project named demo and a template, an instance, and a policy, all named test.

  1. Add images to Glance (OpenStack image service).

    1. Download the following images:

      1. precise-server-cloudimg-amd64-disk1.img

      2. junos-vsrx-12.1-nat.img

    2. Add the images to Glance, using the names ubuntu and vsrx.

      1. (source /etc/contrail/openstackrc; glance add name='ubuntu' is_public=true container_format=ovf disk_format=qcow2 < precise-server-cloudimg-amd64-disk1.img)

      2. (source /etc/contrail/openstackrc; glance add name='vsrx' is_public=true container_format=ovf disk_format=qcow2 < junos-vsrx-12.1-dhcp.img)

  2. Create a service template of type firewall and named vsrx.

    1. ./service-template.py add test_template --svc_type firewall --image_name vsrx

  3. Create virtual networks.

    1. VN1

    2. VN2

  4. Create a service template.

    1. ./service-template.py add --svc_scaling ecmp-template

  5. Create a service instance.

    1. ./service-instance.py add --proj_name admin --left_vn VN1 --right_vn VN2 --max_instances 3 ecmp-instance ecmp-template

  6. Create a service policy.

    1. ./service-policy.py add proj_name admin -–svc_list ecmp-instance --vn_list VN1 VN2 ecmp-policy

  7. Create virtual machines and attach them to virtual networks.

    1. VM1 (attached to VN1)—use ubuntu image

    2. VM2 (attached to VN2)—use ubuntu image

  8. Launch the instances VM1 and VM2.

  9. Send ping traffic from VM1 to VM2.

  10. Send traffic from VM1 in VN1 to VM2 in VN2.

  11. You can use the Contrail Juniper Networks interface to monitor the ping traffic flows. Select Monitor > Infrastructure > Virtual Routers and select an individual vRouter. Click through to view the vRouter details, where you can click the Flows tab to view the flows.

Related Documentation