Programmability of vRouter using Scripting API

by PrasadN on 06-04-2016 05:08 PM

The Brocade vRouter is a high-performance router that can run on many platforms. It supports key integration points for automation and management using NETCONF and a REST API. A new capability, the Scripting API, can be used to create scripts that programmatically configure and administer the vRouter through configd, a YANG-based data-modeling management daemon. The vRouter is a self-contained, customized Linux OS and supports the libraries for languages like Perl, Python and Ruby.

The Scripting API provides a powerful tool for users to take event-based actions without needing an external system such as an SDN controller or RESTful APIs. Examples of events are conditions such as the state of an interface, the condition of a remote peer, or the quality of a link. Examples of actions are redirecting traffic to a different link, changing the QoS marking of packets, or even shutting an interface down.

Event-based actions can also include configuration changes on external systems. If the remote peer is a vRouter, scripts on the remote peer can be invoked to trigger an action. If the remote peer is not a vRouter, the remote peer's API can be integrated on the vRouter. With this method, detecting an event on a vRouter can result in an action on a remote peer through the third-party system's API calls. For example, when the AWS EC2 API is integrated on the vRouter, an event detected on the vRouter can trigger an EC2 API call.

An example customer scenario addressed using scripts on the vRouter is highlighted below.

Example: High Availability in AWS without using VRRP

The vRouter can be used as a gateway in the AWS VPC to handle routing, firewall, VPN, NAT and so on. To eliminate a single point of failure and provide a high-availability solution, a secondary vRouter can be deployed as the standby. Traditional solutions like VRRP cannot be used because the AWS VPC does not support multicast traffic. Moreover, the virtual IP is not an L2-adjacent IP address but rather the address of the igw. As such, a VRRP-based solution will not work on AWS.

A script-based solution is apt for this HA scenario. The basis for the solution is two vRouters running in a VPC across two different subnets, with a GRE tunnel configured between them. BFD is set up to run over the GRE tunnel between the two vRouters. A script on the secondary vRouter monitors the status of the BFD link; if the BFD session state is down, the script makes the secondary vRouter active by calling the EC2 API and changing the mapping of the igw to the interface of the secondary vRouter. The following document explains the script and environment in extensive detail.

https://community.brocade.com/t5/SDN-NFV/vRouter-HA-in-AWS-across-Availability-Zones/ta-p/86905
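A sketch of the failover decision described above, as an added example and not the script from the linked document. It assumes the "mapping" is a VPC route-table entry updated with boto3's `replace_route`, that BFD readings arrive as strings from a caller-supplied poller (the vRouter command for reading BFD state is not shown on this page), and it uses constructed IDs with a fake EC2 client so it runs offline.

```python
# Added example: failover logic for the secondary vRouter (not the linked script).
from typing import Iterable, Optional

def current_target(ec2, table_id: str, cidr: str) -> Optional[str]:
    """Return the ENI that the route for `cidr` currently points at."""
    tables = ec2.describe_route_tables(RouteTableIds=[table_id])["RouteTables"]
    for route in tables[0]["Routes"]:
        if route.get("DestinationCidrBlock") == cidr:
            return route.get("NetworkInterfaceId")
    return None

def take_over(ec2, table_id: str, cidr: str, my_eni: str) -> bool:
    """Repoint the route at this vRouter; do nothing if it already is."""
    if current_target(ec2, table_id, cidr) == my_eni:
        return False
    ec2.replace_route(RouteTableId=table_id, DestinationCidrBlock=cidr,
                      NetworkInterfaceId=my_eni)
    return True

def monitor(bfd_states: Iterable[str], ec2, table_id: str, cidr: str,
            my_eni: str, down_threshold: int = 3) -> bool:
    """Fail over once BFD has read non-'up' `down_threshold` times in a row.

    The threshold keeps a single missed reading from moving the route.
    """
    down = 0
    for state in bfd_states:
        down = 0 if state.strip().lower() == "up" else down + 1
        if down >= down_threshold:
            return take_over(ec2, table_id, cidr, my_eni)
    return False

class FakeEC2:
    """Constructed stand-in for boto3.client('ec2') so the example runs offline."""
    def __init__(self, eni: str):
        self.eni, self.calls = eni, 0
    def describe_route_tables(self, RouteTableIds):
        return {"RouteTables": [{"Routes": [
            {"DestinationCidrBlock": "0.0.0.0/0", "NetworkInterfaceId": self.eni}]}]}
    def replace_route(self, RouteTableId, DestinationCidrBlock, NetworkInterfaceId):
        self.eni, self.calls = NetworkInterfaceId, self.calls + 1

if __name__ == "__main__":
    ec2 = FakeEC2("eni-primary")  # all IDs here are constructed placeholders
    readings = ["up", "down", "up", "down", "down", "down"]  # constructed sample
    print(monitor(readings, ec2, "rtb-example", "0.0.0.0/0", "eni-secondary"), ec2.eni)
```

With a real client, the credentials stored on the vRouter need only `ec2:DescribeRouteTables` and `ec2:ReplaceRoute`, so the script's IAM policy can be limited to those two actions.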
