XCO consists of core K3s containerized microservices that interact with each other and with other infrastructure services to provide the core functions of fabric and tenant network automation.
The Fabric Service is responsible for automating the fabric BGP underlay and EVPN overlay. By default, the EVPN overlay is enabled but you can turn it off it before provisioning, if necessary. The Fabric Service exposes the CLI and REST API for automating the fabric underlay and overlay configuration.
Underlay automation includes interface configurations (IP numbered), BGP underlay for spine and leaf, BFD, and MCT configurations. Overlay automation includes EVPN and overlay gateway configuration.
The Tenant Service manages tenants, tenant networks, and endpoints, fully leveraging the knowledge of assets and the underlying fabric. You can use the CLI and REST API for tenant network configuration on Clos and small data center fabrics.
Tenant network configuration includes VLAN, BD, VE, EVPN, VTEP, VRF, and router BGP configuration on fabric devices to provide Layer 2 extension, Layer 3 extension across the fabric, Layer 2 hand-off, and Layer 3 hand-off at the edge of the fabric.
The Inventory Service acts as an inventory of all the necessary physical and logical assets of the fabric devices. All other XCO services rely on asset data for their configuration automation. The Inventory Service is a REST layer on top of device inventory details, with the capability to filter data based on certain fields. The Inventory Service securely stores the credentials of devices in encrypted form and makes those credentials available to different components such as the Fabric and Tenant services.
The Inventory Service supports the execute-cli option for pushing configuration and exec commands to devices. Examples include configuring SNMP parameters or OSPF configurations. This means you can use XCO for SLX-OS commands and push the same configuration to multiple devices.
The Asset Service provides the secure credential store and deep discovery of physical and logical assets of the managed devices. The service publishes the Asset refresh and change events to other services.
The Notification Service sends events, alerts, alarms, and tasks to external entities:
The RASlog Service processes syslog messages from devices and forwards notifications to subscribers. For more information, see RASlog Service in the ExtremeCloud Orchestrator CLI Administration Guide, 3.6.0 .
The Security Service consists of authentication and authorization features that enforce a security boundary between northbound clients and downstream operations between XCO and SLX devices. The service also validates users and their credentials through Role-based Access Control (RBAC) and supports local and remote (LDAP) login.
You can use LDAP with XCO for user authentication and authorization. Based on the server configuration, XCO provides various options to configure LDAP.
For more information, see XCO User Authentication and Authorization in the ExtremeCloud Orchestrator Security Guide, 3.6.0
The SNMP Service processes SNMP traps from devices and forwards notifications to subscribers. For more information, see XCO as SNMP Proxy in the ExtremeCloud Orchestrator CLI Administration Guide, 3.6.0 .
Policy Service in XCO manages and configures IP prefix lists and route maps on fabric devices. It subscribes to the inventory service to receive events including device registration, device deletion, and changes to previously identified IP prefix lists and route maps.
The system service provides options to configure system-level settings, such as supportsave, backup, and feature enablement. It periodically takes a backup of the XCO system.
The Fault Service raises alerts and alarms when issues are detected to enable system administrators to monitor and troubleshoot.
Extreme Visibility Manager (Visibility Manager), a Kubernetes-based microservices application, provides centralized device and policy management as part of the Extreme Visibility solution.
Visibility Manager supports several network packet broker devices. Although devices have different functionality and different configuration methods, Visibility Manager seamlessly interacts with all supported devices for simplified management.
You use Visibility Manager to perform much of the same traffic configuration that you might otherwise perform from the command-line interface of your network packet broker operating system. And then you use Visibility Manager to analyze the traffic for insight into issues such as network usage, load-balancing irregularities, and security threats.
Visibility Manager managed objects work together to accomplish most packet broker functions. You configure the objects from the user interface.
For more information, see Extreme Visibility Manager Administration and User Guide Version 6.1.0.
XCO provides one-touch integration with these ecosystems, providing deep insight into VMs, Switches, port groups, and hosts, and the translation of these into IP fabric networking constructs.