XCO Microservices

XCO consists of core K3s containerized microservices that interact with each other and with other infrastructure services to provide the core functions of fabric and tenant network automation.

Click to expand in new window
Microservices in the XCO architecture
An overview of XCO microservices

Fabric Service

The Fabric Service is responsible for automating the fabric BGP underlay and EVPN overlay. By default, the EVPN overlay is enabled but you can turn it off it before provisioning, if necessary. The Fabric Service exposes the CLI and REST API for automating the fabric underlay and overlay configuration.

The Fabric Service features include:
  • Support for small data centers (non-Clos)
  • Support for 3-stage and 5-stage Clos fabrics
  • Support for MCT configuration

Underlay automation includes interface configurations (IP numbered), BGP underlay for spine and leaf, BFD, and MCT configurations. Overlay automation includes EVPN and overlay gateway configuration.

Tenant Service

The Tenant Service manages tenants, tenant networks, and endpoints, fully leveraging the knowledge of assets and the underlying fabric. You can use the CLI and REST API for tenant network configuration on Clos and small data center fabrics.

Tenant network configuration includes VLAN, BD, VE, EVPN, VTEP, VRF, and router BGP configuration on fabric devices to provide Layer 2 extension, Layer 3 extension across the fabric, Layer 2 hand-off, and Layer 3 hand-off at the edge of the fabric.

Inventory Service

The Inventory Service acts as an inventory of all the necessary physical and logical assets of the fabric devices. All other XCO services rely on asset data for their configuration automation. The Inventory Service is a REST layer on top of device inventory details, with the capability to filter data based on certain fields. The Inventory Service securely stores the credentials of devices in encrypted form and makes those credentials available to different components such as the Fabric and Tenant services.

The Inventory Service supports the execute-cli option for pushing configuration and exec commands to devices. Examples include configuring SNMP parameters or OSPF configurations. This means you can use XCO for SLX-OS commands and push the same configuration to multiple devices.

Asset Service

The Asset Service provides the secure credential store and deep discovery of physical and logical assets of the managed devices. The service publishes the Asset refresh and change events to other services.

Notification Service

The Notification Service sends events, alerts, alarms, and tasks to external entities:

RASlog Service

The RASlog Service processes syslog messages from devices and forwards notifications to subscribers. For more information, see RASlog Service in the ExtremeCloud Orchestrator CLI Administration Guide, 3.2.0 .

Security Service

The Security Service consists of authentication and authorization features that enforce a security boundary between northbound clients and downstream operations between XCO and SLX devices. The service also validates users and their credentials through Role-based Access Control (RBAC) and supports local and remote (LDAP) login.

Note

Note

If you configure LDAP server over SSL, and use IP to connect to the server, ensure that the certificate includes the IP as part of SANs for a successful connection.

SNMP Service

The SNMP Service processes SNMP traps from devices and forwards notifications to subscribers. For more information, see XCO as SNMP Proxy in the ExtremeCloud Orchestrator CLI Administration Guide, 3.2.0 .

Policy Service

Policy Service in XCO manages and configures IP prefix lists and route maps on fabric devices. It subscribes to the inventory service to receive events including device registration, device deletion, and changes to previously identified IP prefix lists and route maps.

System Service

The system service provides options to configure system-level settings, such as supportsave, backup, and feature enablement. It periodically takes a backup of the XCO system.

Fault Service

The Fault Service raises alerts and alarms when issues are detected to enable system administrators to monitor and troubleshoot.

Extreme Visibility Manager

Extreme Visibility Manager (Visibility Manager), a Kubernetes-based microservices application, provides centralized device and policy management as part of the Extreme Visibility solution.

Visibility Manager supports several network packet broker devices. Although devices have different functionality and different configuration methods, Visibility Manager seamlessly interacts with all supported devices for simplified management.

You use Visibility Manager to perform much of the same traffic configuration that you might otherwise perform from the command-line interface of your network packet broker operating system. And then you use Visibility Manager to analyze the traffic for insight into issues such as network usage, load-balancing irregularities, and security threats.

Visibility Manager managed objects work together to accomplish most packet broker functions. You configure the objects from the user interface.

For more information, see Extreme Visibility Manager Administration and User Guide Version 6.1.0.

Ecosystem Services

XCO provides one-touch integration with these ecosystems, providing deep insight into VMs, Switches, port groups, and hosts, and the translation of these into IP fabric networking constructs.

VMware vCenter Service
The vCenter integration provides connectivity between XCO and vCenter using a REST API. XCO does not connect to individual ESXi servers. All integration is done through vCenter. For more information, see the ExtremeCloud Orchestrator VMware vCenter Integration Guide, 3.2.0 . Integration support includes the following:
  • Registration or deregistration of one or more vCenter servers in XCO
  • Updates for vCenter asset details
  • Lists of information about vCenter servers
  • Inventory integration
  • Dynamic updates about Tenant Service integration from vCenter and from XCO services
Hyper-V
The Hyper-V integration supports networking configuration for Hyper-V servers in a datacenter, manual and automated configuration updates when VMs move, and visibility into the VMs and networking resources that are deployed in the Hyper-V setup. For more information, see ExtremeCloud Orchestrator Hyper-V Integration Guide, 3.2.0 . Integration support includes the following:
  • SCVMM (System Center Virtual Machine Manager) server discovery
  • SCVMM server update
  • Periodic polling of registered SCVMM servers
  • SCVMM server list
  • SCVMM server delete and deregister
  • Network event handling
OpenStack Service
The OpenStack service integrates Extreme OpenStack plugins with the rest of the XCO foundation services in an IP fabric. For more information, see the ExtremeCloud Orchestrator OpenStack Integration Guide, 3.2.0 . Integration support includes the following:
  • Create, read, update, delete (CRUD) operations on networks and ports
  • LAG support
  • Provider network (default, PT)
  • VLAN trunking
  • Network operations using single-root I/O virtualization (SR-IOV), physical and virtual functions
  • vMotion (virtual machine migration)
  • ML2 driver with support for:
    • Network and segment provisioning for non-default provider:physical_network (physnet) value.

      A physnet is the value of a network's provider :physical_network attribute.

    • DC-owner-based l2 extension for DC gateway
  • Topology changes for port-based extension of DC gateway addition and deletion of topology entries and its changes on XCO endpoint groups.
  • Single-homed connections to the edge port
  • Multi-segment support
  • Journaling support for L2 and L3
  • L3 service plugin:
    • Routing feature support using VRF
    • Flavor (service provider) support
    • Centralized routing
    • IPv6 support (dual stack)
  • Layer 3 flavors
  • Neighbor Discovery and Router Advertisement support:
    • IPv6 ND MTU support
    • IPv6 No-Autoconfig support