Switch Automation
Use at your own risk.
The "Advanced Switch Management" is in public testing, following a private beta. If you are encountering issues, please contact support. Use at your own risk.
Custom Events
The switch automation can be enabled on the subnet configuration page. This allows to automatically create or assign VLANs to interfaces on SNMP switches depending on the IP addresses of the server.
Requirements
The switch automation is only available if the server has assigned a supported switch port and the option "Enable Switch Automation" is enabled at the SNMP switch assignment. A switch is supported, if the "Advanced Switch Management" has been enabled at the SNMP switch configuration and the device is supported.
If any of the requirements is not met, no automatic action will be performed.
Subnet Configuration
As first step, the switch automation must be enabled on the subnet configuration page. This is done by enabling the option "Enable Switch Automation". Once enabled, additional configurable options will become available.
It is important to understand the options and excessive testing is recommended before enabling the switch automation in production environments. If the options are not correctly understood, it can lead to unexpected results. This is especially true for the options:
- Use existing access/native VLAN ID
- Try to re-use access/native VLAN
- Delete L3 IP on unassignment
To test if the automation works as expected, it is recommended to test the automation.
VLAN Mode
The following VLAN modes are available:
- Access
- Native + Trunk
Depending on the selected mode, the following options will become available.
Access/Native VLAN
Set a hard-coded VLAN ID for the access/native VLAN. If the options "Use existing access/native VLAN ID" and/or "Try to re-use access/native VLAN" are enabled, the specified VLAN ID is not garantueed.
Access/Native VLAN Range
Set a available range of VLAN IDs to use. Tenantos will lookup an unused ID and use it. As at the option "Access/Native VLAN", the specified VLAN ID is not garantueed if the options "Use existing access/native VLAN ID" and/or "Try to re-use access/native VLAN" are enabled.
Enter Trunk VLAN IDs
Enter a list of VLAN IDs that will be configured as trunk VLANs. If one of the VLANs does not exist yet, a new VLAN will be created.
Use existing access/native VLAN ID
If this option is enabled, the system will use the existing access/native VLAN ID of the interface. If a Layer 3 IP has been specified, the Layer 3 IP will be added to the existing VLAN.
Access/Native Layer 3 Mode
If enabled, a Layer 3 IP will be assigned to the VLAN. The following options are available:
- None
- Gateway IP
- Custom IP
If the VLAN already has the specified Layer 3 IP, no action will be performed.
Try to re-use access/native VLAN
Enabling this option will try to find an existing VLAN with the same Layer 3 IP. If a VLAN with the same Layer 3 IP is found, the VLAN will be used. If no VLAN with the same Layer 3 IP is found, a new VLAN will be created.
Delete L3 IP on unassignment
If no servers are using the subnet anymore, the Layer 3 IP will be removed from the VLAN upon the unassignment of the last used IP.
Combination of "Use existing access/native VLAN ID" and "Try to re-use access/native VLAN"
If both options are enabled, the system will first try to use the existing access/native VLAN ID, and fallback to the re-use mechanism if no VLAN has been assigned to the interface yet.
Handling of IP assignments of multiple subnets
When a server is assigned IPs from different subnets, Tenantos attempts to devise a valid network configuration. If a VLAN conflict is detected, the automation fails.
Subnet Prioritization and VLAN Configuration
- Subnet Prioritization: Tenantos prioritizes subnets based on the activation of "Use existing port access/native VLAN" and "Reuse access VLAN" options. Subnets with only "Use existing port access/native VLAN" activated have the highest priority.
- VLAN Assignment and Configuration: Tenantos attempts to use existing VLANs on the port or find reusable VLANs based on the subnet priorities. If neither is available, a new VLAN is created.
- Handling Mixed Options: In scenarios where different subnets have different options activated, Tenantos ensures a consistent VLAN assignment. If conflicting configurations between subnets are detected (e.g. multiple VLAN IDs required for the same port), the automation will fail.
Layer 3 IP Management
- Dynamic Layer 3 IP Movement: Tenantos dynamically manages Layer 3 IPs. If the option "Use existing port access/native VLAN" is enabled in one subnet, Layer 3 IPs of other subnets will be moved to the VLAN of the subnet with the highest priority.
- Layer 3 IP Removal: When VLANs are no longer associated with any subnets, and if the 'Delete L3 IP on unassignment' option is enabled, Layer 3 IPs are removed from these VLANs.
Invalid Configurations
If different subnets result in an invalid configuration, such as conflicting VLAN IDs for the same switch port, the automation will fail.
If you plan to use the "Use existing port access/native VLAN" and/or "Try to re-use access/native VLAN" option, it is important to test the network automation to fully understand the behavior.
How to test the network automation
Once the requirements for network automation are met, a new option to recreate the VLAN configuration will appear on the IP assignments page of the servers. Furthermore, when adding new IP addresses, an option to execute the automation will be offered.
In both cases it is possible to perform a dry-run, which will show the expected results without actually executing the automation. If the dry-run result is as expected, the automation can be executed. A detailed debug log is available as well, to understand how the system came to the result.
At switches that do not support test commits / rollbacks, Tenantos will simulate the commands based on the live configuration data from the switch.