Always-ON SR Linux
But wouldn't it be nice to have an SR Linux instance running in the cloud open for everyone to tinker with? We think it would, so we created an Always-ON SR Linux instance that we invite you to try out.
What is Always-ON SR Linux for?#
The Always-ON SR Linux instance is an Internet reachable SR Linux container running in the cloud. Although running in the read-only mode, the Always-ON instance can unlock some interesting use cases, which won't require anything but Internet connection from a curious user.
getting to know SR Linux CLI
SR Linux offers a modern, extensible CLI with unique features aimed to make Ops teams life easier.
New users can make their first steps by looking at the
showcommands, exploring the datastores, running
info fromcommands and getting the grips of configuration basics by entering into the configuration mode.
By being a YANG-first Network OS, SR Linux is fully modelled with YANG. This means that by traversing the CLI users are inherently investigating the underlying YANG models that serve the base for all the programmable interfaces SR Linux offers.
The de-facto king of the Streaming Telemetry - gNMI - is one of the programmable interfaces of SR Linux.
gNMI is enabled on the Always-ON instance, so anyone can stream the data out of the SR Linux and see how it works for themselves.
Always-ON SR Linux instance comes up with the SSH and gNMI management interfaces exposed. The following table summarizes the connection details for each of those interfaces:
for key-based authentication use this key to authenticate the
SR Linux runs a TLS-enabled gNMI server with a certificate already present on the system. The users of the gNMI interface can either skip verification of the node certificate, or they can use this CA.pem file to authenticate the node's TLS certificate.
guest user has the following settings applied to it:
- Read-only mode
filecommands are disabled
Although the read-only mode is enforced, the guest user can still enter in the configuration mode and perform configuration actions, it is just that
guest can't commit them.
Always-ON sandbox setup#
The Always-ON sandbox consists of SR Linux node connected with a LAG interface towards an Nokia SR OS node.
Protocols and Services#
We pre-created a few services on the SR Linux node so that you would see a "real deal" configuration- and state-wise.
The underlay configuration consists of the two L3 links between the nodes with eBGP peering built on link addresses. The system/loopback interfaces are advertised via eBGP to enable overlay services.
In the overlay the following services are configured:
- Layer 2 EVPN with VXLAN dataplane1 with
mac-vrf-100network instance created on SR Linux
- Layer 3 EVPN with VXLAN dataplane with
ip-vrf-200network instance created on SR Linux