Skip to content

Commit aafbb8b

Browse files
JamesJBarnettJamesJBarnett
authored
Merge pull request #302952 from sushantjrao/break-glass-setup
Updated and removed the old content
2 parents a4060bb + edf7fc6 commit aafbb8b

5 files changed

+125
-152
lines changed

articles/operator-nexus/.openpublishing.redirection.operator-nexus.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,11 @@
4040
"redirect_url": "howto-apply-access-control-list-to-network-to-network-interconnects",
4141
"redirect_document_id": false
4242
},
43+
{
44+
"source_path": "howto-replace-a-device-in-azure-operator-nexus-network-fabric.md",
45+
"redirect_url": "howto-replace-network-devices",
46+
"redirect_document_id": false
47+
},
4348
{
4449
"source_path": "howto-use-azure-policy-for-aks-cluster-security.md",
4550
"redirect_url": "howto-use-azure-policy",

articles/operator-nexus/TOC.yml

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -219,8 +219,6 @@
219219
href: howto-delete-layer-3-isolation-domains.md
220220
- name: Cross-subscription deployments and required RBAC for Network Fabric
221221
href: concepts-cross-subscription-deployments-required-rbac-for-network-fabric.md
222-
- name: How to replace network devices in Azure Operator Nexus Network Fabric
223-
href: howto-replace-network-devices.md
224222
- name: How to put a device into maintenance mode
225223
href: howto-put-device-in-maintenance-mode.md
226224
- name: How to set up break glass access
@@ -241,8 +239,8 @@
241239
href: howto-append-custom-suffix-to-interface-descriptions.md
242240
- name: How to reboot Network Device in Azure Operator Nexus Network Fabric
243241
href: howto-reboot-network-device.md
244-
- name: How to replace a device in Azure Operator Nexus Network Fabric
245-
href: howto-replace-a-device-in-azure-operator-nexus-network-fabric.md
242+
- name: How to replace network devices in Azure Operator Nexus Network Fabric
243+
href: howto-replace-network-devices.md
246244
- name: How to Configure NNF with Bring Your Own (BYO) Storage
247245
href: howto-configure-bring-your-own-storage-network-fabric.md
248246
- name: How to upgrade OS of terminal server

articles/operator-nexus/concepts-commit-workflow-v2.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -38,14 +38,15 @@ Commit Workflow v2 is built around a structured change management flow. The foll
3838

3939
Before using Commit Workflow v2, ensure the following environment requirements are met:
4040

41-
## Commit Workflow Version Matrix
41+
## Commit workflow compatible versions
4242

4343
The Commit Workflow version supported depends on the combination of Fabric runtime, portal release version, and API version in use. Use the table below to identify which Commit Workflow is applicable for your environment:
4444

4545
| **Fabric Version** | **Release Version** | **API Version(s)** | **Commit Workflow Version** |
4646
|------------------------|---------------------|------------------------------------------------------------------------------------------------------|------------------------------|
4747
| 3.0, 4.0, 5.0 | 8.1 and earlier | `2024-06-15-preview`<br>`2024-02-15-preview`<br>`2023-06-15-stable` | Commit Workflow v1 |
4848
| 5.0.0 | 8.2, 8.3 | `2024-06-15-preview`<br>`2024-02-15-preview`<br>`2023-06-15-stable` | Commit Workflow v1 |
49+
| 5.0.0 | 9.0 | `2024-06-15-preview` | Commit Workflow v1 |
4950
| 5.0.1 | 8.2, 8.3 | `2024-06-15-preview` | Commit Workflow v2 |
5051
| 6.0 and later | 9.0 and later | `2024-06-15-preview` and later | Commit Workflow v2 |
5152

@@ -55,7 +56,7 @@ The Commit Workflow version supported depends on the combination of Fabric runti
5556

5657
### Required versions
5758

58-
If you're unsure which Commit Workflow version applies to your setup, refer to the [Commit Workflow Version Matrix](#commit-workflow-version-matrix).
59+
If you're unsure which Commit Workflow version applies to your setup, refer to the Commit workflow compatible versions.
5960

6061
* **Runtime version**: `5.0.1` or later is required for Commit Workflow v2.
6162

@@ -125,10 +126,9 @@ Device-impacting resources (like Network-to-Network Interconnect (NNI), Isolatio
125126

126127
### Supported resource actions via Commit workflow v2 (when parent resources are in administrative state – Enabled)
127128

128-
| **Supported resource actions which require commit workflow** | ****Supported resource actions which don't require commit workflow** |** |
129+
| **Supported resource actions which require commit workflow** | **Unsupported resource actions which doesn’t require commit workflow** |
129130
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
130-
| **All resource updates impacting device configuration:**<br>• Updates to Network Fabric resource<br>• Updates to Network-to-Network Interconnect (NNI)<br>• Updates to ISD (L2 and L3)<br>• Creation and updates to Internal and External Networks of enabled L3 ISD<br>• Addition/updates/removal of Route Policy in Internal, External, ISD, and NNI resources<br>• Addition/updates/removal of IP Prefixes, IP Community, and Extended IP Community when attached to Route Policy or Fabric<br>• Addition/updates/removal of ACLs to Internal, External, ISD, and NNI resources<br>• Addition/updates/removal of Network Fabric resource in Network Monitor resource<br>• Additional description updates to Network Device properties<br>• Creation of multiple NNI | **Creation/updating of resources not impacting device configuration:**<br>• Creation of Isolation Domain (ISD) (L3 and L2)<br>• Network Fabric Controller (NFC) creation/updates<br>• Creation and updates to Network TAP rules, Network TAP, Neighbor groups<br>• Creation and updates to Network TAP rules, Network TAP, Neighbor groups<br>• Creation of new Route Policy and connected resources (IP Prefix, IP Community, IP Extended Community)<br>• Update of Route Policy and connected resources when not attached to ISD/Internal/External/NNI<br>• Creation/update of new Access Control List (ACL) which isn't attached<br><br>**ARM resources updates only:**<br>• Tag updates for all supported resources<br><br>**Other administrative actions and post actions which manage lifecycle events:**<br>• Enabling/Disabling Isolation Domain (ISD), Return Material Authorization (RMA), Upgrade, and all administrative actions (enable/disable), serial number update<br>• Deletion of all Nexus Network Fabric (NNF) resources |
131-
131+
| **All resource updates impacting device configuration:**<br>• Updates to Network Fabric resource<br>• Updates to Network-to-Network Interconnect (NNI)<br>• Updates to ISD (L2 and L3)<br>• Creation and updates to Internal and External Networks of enabled L3 ISD<br>• Addition/updates/removal of Route Policy in Internal, External, ISD, and NNI resources<br>• Addition/updates/removal of IP Prefixes, IP Community, and Extended IP Community when attached to Route Policy or Fabric<br>• Addition/updates/removal of ACLs to Internal, External, ISD, and NNI resources<br>• Addition/updates/removal of Network Fabric resource in Network Monitor resource<br>• Additional description updates to Network Device properties<br>• Creation of multiple NNI | **Creation/updating of resources not impacting device configuration:**<br>• Creation of Isolation Domain (ISD) (L3 and L2)<br>• Network Fabric Controller (NFC) creation/updates<br>• Creation and updates to Network TAP rules, Network TAP, Neighbor groups<br>• Creation and updates to Network TAP rules, Network TAP, Neighbor groups<br>• Creation of new Route Policy and connected resources (IP Prefix, IP Community, IP Extended Community)<br>• Update of Route Policy and connected resources when not attached to ISD/Internal/External/NNI<br>• Creation/update of new Access Control List (ACL) which is not attached<br><br>**ARM resources updates only:**<br>• Tag updates for all supported resources<br><br>**Other administrative actions and post actions which manage lifecycle events:**<br>• Enabling/Disabling Isolation Domain (ISD), Return Material Authorization (RMA), Upgrade, and all administrative actions (enable/disable), serial number update<br>• Deletion of all Nexus Network Fabric (NNF) resources |
132132

133133
### Allowed actions after configuration lock
134134

@@ -138,7 +138,7 @@ Here's a clear, structured table showing **Supported actions post configuration
138138

139139
### **Supported and unsupported actions post configuration lock**
140140

141-
| **Actions** | **Supported resource actions when fabric is under configuration lock** | **Unsupported resource actions when fabric is under configuration lock** |
141+
| **Actions** | **Unsupported resource actions when fabric is under configuration lock** | **Unsupported resource actions when fabric is under configuration lock** |
142142
| ------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
143143
| **Resource Actions (CUD)** | - **NFC** (Only *Update*)<br>- **Network TAP rules**, **Network TAP**, **Neighbor Group** *(Create, Update, Delete)* <br>- **ACL** *(Create/Update)* when **not attached** to parent resource<br>- **Network Monitor** created **without Fabric ID**<br>- **Creation/Update** of **IPPrefix**, **IPCommunity List**, **IPExtendedCommunity** when **not attached** to Route Policy<br>- **Read** of all NNF resources<br>- **Delete** of **disabled** resources and **not attached** to any parent resources | - No CUD operations allowed on:<br>  • **Network-to-Network Interconnect (NNI)**<br>  • **Isolation Domains (L2 & L3)**<br>  • **Internal/External Networks** (Additions/Updates)<br>  • **Route Policy**, **IPPrefix**, **IPCommunity List**, **IPExtendedCommunity**<br>  • **ACLs** when **attached to parent resources** (for example, NNI, External Network)<br>  • **Network Monitor** when **attached to Fabric**<br>  • **Deletion** of all **enabled** resources |
144144
| **Post Actions** | - **Lock Fabric** (administrative state)<br>- **View Device Configuration**<br>- **Commit Configuration**<br>- **ARMConfig Diff** <br>- **Commit batch status** | - All other post actions are **blocked** and must be done **prior to enabling configuration lock** |

0 commit comments

Comments
 (0)