CloudVision Studios - Layer 3 Leaf-Spine (L3LS) Lab Guide¶

Goal¶

The goal of this lab is to get hands-on experience with CloudVision Studios (1) , a built-in network provisioning feature of Arista CloudVision.

CloudVision Studios

In this lab, we will deploy a modern data center network using several built-in Studios, including the L3 Leaf-Spine Fabric studio.

Arista provides many out-of-the box Studios. However, users can also build custom Studios to deploy and manage networks in any manner they desire!

What is a Studio?¶

CloudVision Studios are a UI-driven provisioning feature of CloudVision that allows users to deploy networks with no prior knowledge of CLI.

CloudVision Studios contains two main Elements:

Studio: Input template for defining attributes of network features and any devices belonging to that feature.
Workspace: A staging ground you use to create, configure or edit a studio’s input and identify the devices that a studio affects.

Preparing the Lab¶

Navigate to the login URL sent to you via e-mail.
If your topology is not in the Running state, click the Start button on the bottom left.
Click the Click Here to Access Topology button.
You will see a landing page that looks like this.
Credentials used in the rest of the lab are visible in the table at the bottom of the landing page.
If you have executed any other ATD Labs prior to this, use the Console Access link to Reset All Devices to Base ATD via the menu.

Topology¶

The base topology of the ATD is a multi-site data center deployment. We are focusing on Site One (left side) for this lab

Info

The Border Leafs, Cores, and Site 2 are not a part of this lab guide.

Site one of this lab consists of two spines, four leafs and two ”hosts”. The hosts are virtual EOS devices that allow us to initiate traffic for testing.

We will utilize this site to represent a new data center in a leaf and spine architecture.

Onboarding Devices¶

Devices managed by CloudVision Studios must be onboarded before any configuration changes take place. This allows users to define a subset of their devices to be managed by Studios if they wish. This initial step is done via. the built-in Inventory and Topology Studio.

Inventory and Topology Studio¶

Click on CVP on the lab landing page to access CloudVision Portal.
Click Provisioning on the left menu.
Click on Studios in the left navigation menu.
Click the Slider for Active Studios to enable display of all Studios.
Click Create Workspace and name it inventory.

Info

A Workspace is what you use to create, configure, or edit a Studio’s inputs, and to tag the devices that a Studio affects. It can be used to configure one or more Studios, which means that you can implement configuration changes across multiple network features at the same time.

Workspaces can be any name. Naming them logically helps other users in CloudVision recognize what your Studio edit is doing at a glance.
Click Inventory and Topology under Essential Studios (notice your Workspace in the drop-down). Then click on the Network Updates tab.
Click the top select toggle to select all entries. Then click Accept Updates, then Accept and finally Review Workspace.

Info

CloudVision will automatically compile any changes proposed in the Workspace and build associated configurations. For now, we are simply onboarding the devices so there is no configuration changes present. We will review this screen further in subsequent steps.
Click Submit Workspace to confirm the changes. Your devices are now onboarded.

Build the L3LS Fabric¶

In this lab, we are building a new data center network for our company. The company has two data centers separated by a WAN network. In this lab scenario, we will focus on data center one (DC1) in site one (s1).

We will configure the links between the spine and leaf switches as point-to-point layer 3 routed interfaces. This will create the underlay of our data center fabric. Each pair of leaf switches will be configured in an MLAG domain. Finally, we will utilize a routing protocol, Border Gateway Protocol (BGP), to provide connectivity for the underlay.

This physical diagram aligns with the logical topology and is based on the Arista UCN Architecture.

To ensure a clean starting point, verify your Workspace selection is empty. If necessary, click the Workspace Dropdown and select Clear Selection.

Create the Layer 3 Fabric¶

Click Create Workspace to create a new Workspace and name it L3LS-Fabric.
Find and click the L3 Leaf-Spine Fabric Studio in the list of built-in Studios.
Under Data Centers click Add Data Center and add DC:1. When creating a new tag you will need to click the Create button directly under the tag input field. After clicking Create you may need to click in a free area outside of the input field of the tag.
Click the right arrow on the DC:1 row to edit its configuration. From there, click the dropdown menu for Assigned Devices and add the devices from s1: s1-spine1, s1-spine2, s1-leaf1, s1-leaf2, s1-leaf3, and s1-leaf4.
Scroll down and add the appropriate Role and NodeId to each device. You may need to create the tags and click out of the row and into an empty space on the page. Use the table below to assign the proper values.

Device Name Role NodeId

s1-leaf1 Leaf 1

s1-leaf2 Leaf 2

s1-leaf3 Leaf 3

s1-leaf4 Leaf 4

s1-spine1 Spine 1

s1-spine2 Spine 2

Info

The Node IDs are unique only per device type. This is why s1-leaf1 and s1-spine1 can be the same Node ID.
Scroll up and click Add Pod named DC-Pod:1.
Select the right arrow on the DC-Pod:1 row. Then, click the dropdown menu for Assigned Devices and add the devices from s1: s1-spine1, s1-spine2, s1-leaf1, s1-leaf2, s1-leaf3, and s1-leaf4.

Info

The Spine nodes will be added to the Spines section with the corresponding NodeId.
Click Add L3 Leaf Domain and add Leaf-Domain:1 and Leaf-Domain:2.
Select the right arrow for Leaf-Domain:1. Next, Click Assigned Devices and add s1-leaf1 and s1-leaf2 to Leaf-Domain:1.
At the top navigation hierarchy, click DC-Pod:1 to move back one level. Then, select the right arrow for Leaf-Domain:2 to enter its configuration section. Finally, click Assigned Devices and add s1-leaf3 and s1-leaf4 to Leaf-Domain:2.

Deploy Layer 2 and Layer 3 Services with EVPN¶

Now that we've configured the base settings for the L3LS Fabric, we can configure Layer 2 and 3 services to be used by hosts attached to the network using the EVPN Services Studio.

Navigate back to the main Studios page by clicking the blue Studios link near the top of the page. Then scroll down and select the EVPN Services Studio.
Click Add Tenant and add a Tenant named FABRIC.
Click the right arrow to configure the FABRIC container. Click Add VRF to create a VRF and name it TENANT.
Click the right arrow to configure the TENANT VRF. Then add the VNI value of 5000 to the VRF configuration.
At the top of the navigation hierarchy, click FABRIC to move back one level. Then, scroll down and click Add Vlan and create VLAN ID 112 and 134.
Click the right arrow to configure VLAN 112. Next, click Add VTEP. Use a query to match the tags created in the previous L3LS studio to assign this vlan to the correct VTEP leaf switches. The query should be DC:1 AND Role:Leaf. It may be easier to copy and paste the line query instead of typing it out or to click the suggestions as they populate. Once completed, hover your cursor over the entry to view the matched devices and click the right arrow to review the device details.
Scroll down and configure VLAN 112 with the settings in the table below.

Setting Value

Name Host_Network_112

VRF TENANT

SVI Virtual IP Address 10.111.112.1/24
At the top navigation hierarchy, click FABRIC to move back one level. Then repeat steps 5-7 for VLAN 134 with settings from the table below.

Setting Value

VTEPs DC:1 AND Role:Leaf

Name Host_Network_134

VRF TENANT

SVI Virtual IP Address 10.111.134.1/24

Assign Host-Facing Interfaces¶

We've configured the fabric switches and setup some Layer 2 and 3 services for our hosts but we've yet to attach them to the network itself. We'll leverage the Interface Configuration Studio to handle the port-level configurations.

Again, click the blue Studios link near the top of the page. Then scroll down and select the Interface Configuration Studio.
Click Add Profile and add two profiles named VLAN_112 and VLAN_134.

Click the right arrow to edit the VLAN_112 profile. Configure the profile with the settings in the below table.

Setting	Value
Profile Description	`Host VLAN 112`
Switchport Mode	access
Access VLAN ID	`112`
Port Channel Group	`4`
Enable MLAG	Yes Note that this setting appears after you set a Port Channel Group ID

At the top of the navigation hierarchy, click Interface Configuration to move back one level. Then click the right arrow to edit the VLAN_134 profile. Configure the profile with the settings in the below table.

Setting	Value
Profile Description	`Host VLAN 134`
Switchport Mode	access
Access VLAN ID	`134`
Port Channel Group	`4`
Enable MLAG	Yes Note that this setting appears after you set a Port Channel Group ID

At the top of the navigation hierarchy, click Interface Configuration to move back one level. Next, scroll down to the Devices section and click the right arrow to select s1-leaf1.
Find the row for Ethernet4 on s1-leaf1 and use the pull-down menus to set Enabled to Yes and Profile to VLAN_112.
At the top of the navigation hierarchy, click Interface Configuration to move back one level. Next, scroll down to the Devices section and click the right arrow to select s1-leaf2. Then use the pull-down menus to set Enabled to Yes and Profile to VLAN_112 for Ethernet4.
Repeat Steps 5-7 to configure Ethernet4 on s1-leaf3 and s1-leaf4. Ensure that Enabled is set to Yes and they are assigned to Profile VLAN_134.

Submit the Workspace and Deploy Configurations¶

Now that we've configured the required settings, we will use the workflow to build and submit our Workspace changes which will render and assign configuration to the switches in our fabric. We will then deploy this configuration into production using a Change Control in CloudVision.

Click Review Workspace in the top right corner. Verify the workspace builds and validates correctly. You may also review the proposed configuration changes section to review the changes generated via the Studios workflow.
Click Submit Workspace in the top right corner, then click View Change Control once that completes its submission.
Click Review and Approve in the top right. Review the proposed changes in the Change Control. Once you are satisfied, click Approve.
Click Execute Change Control then click Execute on the pop-up window and wait for the Change Control to complete. You can optionally click on the individual tasks in the Change Control and review the Logs as well to see how CloudVision is pushing the configuration to the device.

Now that the configuration is deployed, verify functionality by logging into s1-host1 and pinging s1-host2.

Expected Output

s1-host1#ping 10.111.134.202
PING 10.111.134.202 (10.111.134.202) 72(100) bytes of data.
80 bytes from 10.111.134.202: icmp_seq=1 ttl=62 time=8.18 ms
80 bytes from 10.111.134.202: icmp_seq=2 ttl=62 time=4.82 ms
80 bytes from 10.111.134.202: icmp_seq=3 ttl=62 time=5.16 ms
80 bytes from 10.111.134.202: icmp_seq=4 ttl=62 time=4.83 ms
80 bytes from 10.111.134.202: icmp_seq=5 ttl=62 time=4.90 ms

--- 10.111.134.202 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 30ms
rtt min/avg/max/mdev = 4.820/5.577/8.177/1.305 ms, ipg/ewma 7.571/6.831 ms
s1-host1#

Success

Lab Complete! You have successfully deployed a Layer 3 leaf and spine network with MLAG, BGP, EVPN, VLANs, Anycast Gateways and VxLAN all without touching the CLI!

Continue on to Day 2 Operations¶

Explore Visibility and Changes with CloudVision

Device Name	Role	NodeId
s1-leaf1	Leaf	1
s1-leaf2	Leaf	2
s1-leaf3	Leaf	3
s1-leaf4	Leaf	4
s1-spine1	Spine	1
s1-spine2	Spine	2

Setting	Value
Name	`Host_Network_112`
VRF	TENANT
SVI Virtual IP Address	`10.111.112.1/24`

Setting	Value
VTEPs	`DC:1 AND Role:Leaf`
Name	`Host_Network_134`
VRF	TENANT
SVI Virtual IP Address	`10.111.134.1/24`