Networking overview
Updated with new 7.0 concepts and behaviour
MetalSoft is capable of automatically deploying complex network configurations on a multitude of switch brands including Cisco, Juniper, Dell, Cumulus, HP and others.
This document describes MetalSoft-related concepts. If you are looking for the cabling and network topologies that MetalSoft creates, consult the Network topology section.
The approach that we take is “intent-based” in the sense that the user fully describes the desired network “services” and the system then translates those into actual switch and OS configurations. This is a service provider-inspired approach where the end-users are “consumers” of network services offered by the “provider”. As such, they don’t control which subnets to allocate from, which VLANs will be used, etc., but they can, for example, specify the size of the subnet they need.
The user defines what the desired network setup looks like via the infrastructure designer, the CLI or the API (or Terraform, Ansible, etc.).
Important concepts of MetalSoft networking
MetalSoft uses several important concepts:
Fabrics
These capture the behaviour and settings of a group of endpoints. A fabric typically configures the switches and other devices it “manages” but may also be “unmanaged” in the sense that it tracks IP and VLAN allocation to endpoints but does not actually configure anything on network equipment such as switches. There are multiple types of fabrics: Ethernet, InfiniBand, Fibre Channel.
Infrastructures
This is a security construct similar to a “VPC” in which a tenant-specific network blueprint is defined. It defines a security boundary. In general, a multi-server application is assigned to an infrastructure.
Logical Networks
Logical Networks are an abstract concept on top of a Fabric that reflects the intent of connecting endpoints (such as servers or VMs) within the same infrastructure or across infrastructures, to each other or with outside networks. The concept is primarily designed for tenant isolation but is also used for less stringent network environments to simplify provisioning.
The implementation of a logical network depends on the underlying Fabric. For example, in the case of Ethernet fabrics it typically maps to a separate OSI Layer 2 network, usually implemented with a different VLAN ID and one or more IPv4 and IPv6 subnets out of which IPs are allocated to the connected endpoints.
Logical networks are typically created from network profiles by end-users in the infrastructure editor or via Terraform, or directly by the admin and reused by multiple users (called admin pre-created networks).
Network profiles
Network profiles define parameters for creating logical networks. Instead of creating a logical network for each user, admins simply define a template and then users create networks based on this template, without the admin’s intervention. A network profile is created on a specific fabric. Different fabric types will have different network profiles.
An Ethernet network profile can have:
a VLAN entry, for which a VLAN ID can be manually or automatically allocated from the range specified in the underlying fabric’s settings.
a VNI, which can be either manually or automatically allocated from the range specified in the fabric settings.
a set of IPv4 subnets from which IPs are allocated to endpoints (if multiple subnets are specified, an IP from each will be allocated)
a set of IPv6 subnets from which IPs are allocated to endpoints (if multiple subnets are specified, an IP from each will be allocated)
an external connection. If specified, the logical network will be connected to the external connection.
Subnets
Subnets are IPv4 or IPv6 prefixes from which either individual IPs or other smaller subnets are allocated to satisfy the need for IPs of a particular logical network in the context of an infrastructure. Multiple subnets will be allocated if the subnet pools are listed in the network profile’s VLAN/VNI entries.
Endpoints
Unmanaged equipment (such as unmanaged servers in brownfield environments) is called an endpoint, and the admin must manually define endpoints along with their host-port-to-switch-port associations. In the future this process will also be automated.
Servers
We use the term server to refer to physical equipment. A server can have one or more server interfaces.
VMs
We use the term VM to refer to virtual machines. A VM can have one or more VM interfaces.
Instances
When added to an infrastructure, an endpoint, server or VM is presented as an “instance” to the user. Each instance will have a distinct ID. IPs allocated to an instance from a subnet are tied to the instance and not the actual server or VM. This allows the server to be replaced while the instance object itself remains the same. The VM behind a VM-instance object might move to another host or even hypervisor vendor and might receive a new identifier, whereas the VM-instance object will remain the same.
Connection
A connection between an endpoint and a logical network is customized via the settings on a connection. This defines:
Tagged/untagged
Link aggregation type: single device link aggregation, distributed link aggregation (MLAG, MCLAG, VLT etc.)
MTU
InstanceArrays
A group of typically identical instances manipulated as a single entity. Usually all instances have the same server type but they can also be different if needed.
Sites
A site is basically a physical location, usually a single datacenter. A site can have one or more Fabrics.
Details on link-aggregation
If the user chooses to connect two or more ports to the same logical network, a link aggregation will be created on the switches and a bond interface will be created on the server.
If the two ports lead to different switches defined as a switch-pair, then an M-LAG or equivalent multi-chassis link aggregation will be created. LACP type 4 will be used as the negotiation protocol. Refer to Managing switch pairs for more details.
If the two ports lead to two different switches that are configured in a “stacked” configuration, in which case a single switch record is registered in MetalSoft, the system will create regular link aggregations, using LACP type 4.
If the two ports lead to the same switch, a simple link aggregation will be created on the respective switch. The link will be configured using LACP type 4.
To ensure consistent behavior, the LACP priority will be higher on the port with the lower index so that if the LACP protocol cannot negotiate with the server (such as during the boot process) the fallback port will always be the port with index #0.
How server interface indexes are allocated
To ensure consistent behavior the network ports of the servers will always have indexes based on the switch hostname and then the switch port in lexicographic order, irrespective of the actual order in the server. For example, if a server is connected to two switches with hostnames sw1 and sw2 and connected to Ethernet10 on both, the port connected to sw1 will always be port index #0 and the port connected to sw2 will always be port #1. If the same server is connected to sw1 Ethernet11 and sw1 Ethernet10, the second port will be index #0 and the first one will be #1.
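The index allocation above, together with the link-aggregation rules from the previous section, can be sketched as follows. This is an added example, not MetalSoft code: the `Port` shape, the function names and the sample values are hypothetical, and "lexicographic" is assumed to mean plain string comparison.

```python
# Added illustration; not MetalSoft code. Names and data shapes are assumptions.
from typing import NamedTuple, Optional

class Port(NamedTuple):
    server_nic: str    # NIC name as seen on the server (hypothetical)
    switch: str        # switch hostname as registered in the controller
    switch_port: str   # switch port name, e.g. "Ethernet10"

def assign_indexes(ports):
    """Return {server_nic: index}, ordered by switch hostname, then switch port.

    Assumes plain string comparison, so "Ethernet9" sorts AFTER "Ethernet10".
    """
    ordered = sorted(ports, key=lambda p: (p.switch, p.switch_port))
    return {p.server_nic: i for i, p in enumerate(ordered)}

def lag_type(ports, switch_pairs) -> Optional[str]:
    """Classify the aggregation for ports attached to one logical network."""
    if len(ports) < 2:
        return None          # a single port needs no aggregation
    switches = {p.switch for p in ports}
    if len(switches) == 1:
        return "lag"         # same switch, or a stack registered as one record
    if frozenset(switches) in switch_pairs:
        return "mlag"        # two switches defined as a switch-pair
    return "undefined"       # a case the page does not describe

def fallback_nic(ports):
    """NIC holding index #0, the fallback port when LACP cannot negotiate."""
    idx = assign_indexes(ports)
    return min(idx, key=idx.get)

# Constructed sample data mirroring the examples in the text.
PAIRS = {frozenset({"sw1", "sw2"})}
two_switches = [Port("nic-b", "sw2", "Ethernet10"), Port("nic-a", "sw1", "Ethernet10")]
same_switch = [Port("first", "sw1", "Ethernet11"), Port("second", "sw1", "Ethernet10")]
# Edge case: string ordering puts Ethernet10 ahead of Ethernet9.
surprise = [Port("p9", "sw1", "Ethernet9"), Port("p10", "sw1", "Ethernet10")]

if __name__ == "__main__":
    for sample in (two_switches, same_switch, surprise):
        print(assign_indexes(sample), lag_type(sample, PAIRS), fallback_nic(sample))
```

The last sample shows why cabling plans should be checked against string ordering rather than numeric port order: under that assumption, the fallback port during boot is the one on Ethernet10, not Ethernet9.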
OS Interface Index
MetalSoft provides OS index information for interfaces, which is what VMware ESXi uses to name the interfaces; thus OS index 1 will be the vmk1 interface.
Virtualization networking
MetalSoft uses a novel networking approach for virtualization by tying the VMs into the same network as bare metal servers. This means that the network admin can reuse the network profiles, subnets, external connections etc. To learn more, go to Managing VM Pools.