├── .github └── workflows │ └── code-execution.yml ├── .gitignore ├── DEMO.md ├── INSTALLATION.md ├── LICENSE ├── Makefile ├── README.md ├── ansible.cfg ├── configlets └── GLOBAL-ALIASES.conf ├── data ├── cloudvision-deployed-configlet.png ├── cloudvision-device-topology.png ├── cloudvision-initial-configlet.png ├── cloudvision-uploaded-configlets.png ├── cloudvision-ztpd-devices.png ├── figure-2-cloudvision-change-control.png ├── lab-topology.png └── streaming-inventory.png ├── inventory ├── documentation │ ├── DC1_FABRIC │ │ ├── DC1_FABRIC-p2p-links.csv │ │ ├── DC1_FABRIC-topology.csv │ │ └── DC1_FABRIC.md │ ├── devices │ │ ├── DC1-L2LEAF1A.md │ │ ├── DC1-L2LEAF2A.md │ │ ├── DC1-LEAF1A.md │ │ ├── DC1-LEAF1B.md │ │ ├── DC1-LEAF2A.md │ │ ├── DC1-LEAF2B.md │ │ ├── DC1-SPINE1.md │ │ └── DC1-SPINE2.md │ └── fabric │ │ ├── DC1_FABRIC-documentation.md │ │ ├── DC1_FABRIC-p2p-links.csv │ │ └── DC1_FABRIC-topology.csv ├── group_vars │ ├── CVP.yml │ ├── DC1.yml │ ├── DC1_FABRIC.yml │ ├── DC1_SERVERS.yml │ └── DC1_TENANTS_NETWORKS.yml ├── intended │ ├── configs │ │ ├── DC1-L2LEAF1A.cfg │ │ ├── DC1-L2LEAF2A.cfg │ │ ├── DC1-LEAF1A.cfg │ │ ├── DC1-LEAF1B.cfg │ │ ├── DC1-LEAF2A.cfg │ │ ├── DC1-LEAF2B.cfg │ │ ├── DC1-SPINE1.cfg │ │ └── DC1-SPINE2.cfg │ └── structured_configs │ │ ├── DC1-L2LEAF1A-debug-vars.yml │ │ ├── DC1-L2LEAF1A.yml │ │ ├── DC1-L2LEAF2A-debug-vars.yml │ │ ├── DC1-L2LEAF2A.yml │ │ ├── DC1-LEAF1A-debug-vars.yml │ │ ├── DC1-LEAF1A.yml │ │ ├── DC1-LEAF1B-debug-vars.yml │ │ ├── DC1-LEAF1B.yml │ │ ├── DC1-LEAF2A-debug-vars.yml │ │ ├── DC1-LEAF2A.yml │ │ ├── DC1-LEAF2B-debug-vars.yml │ │ ├── DC1-LEAF2B.yml │ │ ├── DC1-SPINE1-debug-vars.yml │ │ ├── DC1-SPINE1.yml │ │ ├── DC1-SPINE2-debug-vars.yml │ │ ├── DC1-SPINE2.yml │ │ └── cvp │ │ ├── cv_server.yml │ │ └── cv_server_configlets.yml └── inventory.yml ├── playbooks ├── dc1-fabric-deploy-cvp.yml ├── dc1-fabric-reset-cvp.yml ├── dc1-upload-configlets.yml └── dc1-ztp-configuration.yml └── requirements.txt /.github/workflows/code-execution.yml: -------------------------------------------------------------------------------- 1 | name: Ansible Code Execution 2 | on: [push] 3 | jobs: 4 | ansible_ci: 5 | name: Run Ansible Checks 6 | runs-on: ubuntu-latest 7 | container: avdteam/base:3.6 8 | steps: 9 | - uses: actions/checkout@master 10 | - name: 'Install collections' 11 | run: | 12 | pip install -r requirements.txt 13 | make install 14 | - name: 'Check ansible syntax' 15 | run: | 16 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --syntax-check 17 | ansible-playbook playbooks/dc1-fabric-reset-cvp.yml --syntax-check 18 | ansible-playbook playbooks/dc1-ztp-configuration.yml --syntax-check 19 | - name: 'Run a generate playbook to test AVD variables' 20 | run: | 21 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags generate 22 | - name: 'Build AVD & CVP content' 23 | run: | 24 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags build 25 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.retry 2 | ansible-* 3 | .vscode -------------------------------------------------------------------------------- /DEMO.md: -------------------------------------------------------------------------------- 1 | 2 | # Demo script 3 | 4 | - [Demo script](#demo-script) 5 | - [Power up devices](#power-up-devices) 6 | - [Check there is no container](#check-there-is-no-container) 7 | - [Check Configlets are not present](#check-configlets-are-not-present) 8 | - [Upload custom configlets to Cloudvision.](#upload-custom-configlets-to-cloudvision) 9 | - [Run Ansible playbook to rollout EVPN Fabric](#run-ansible-playbook-to-rollout-evpn-fabric) 10 | - [Playbook overview](#playbook-overview) 11 | - [Run Playbook](#run-playbook) 12 | - [Generate EOS Configuration](#generate-eos-configuration) 13 | - [Provision CloudVision Server](#provision-cloudvision-server) 14 | - [Execute Pending tasks using a change control](#execute-pending-tasks-using-a-change-control) 15 | - [Analyze result](#analyze-result) 16 | - [Topology Update](#topology-update) 17 | - [Configlet list](#configlet-list) 18 | - [Check device status](#check-device-status) 19 | - [BGP Status](#bgp-status) 20 | - [VXLAN address table](#vxlan-address-table) 21 | - [Check device connectivity](#check-device-connectivity) 22 | - [Revert topology](#revert-topology) 23 | 24 | ## Power up devices 25 | 26 | Power up your devices what ever the solution is. You will see them in the __`undefined`__ container 27 | 28 | ![ZTP Registration](data/cloudvision-ztpd-devices.png) 29 | 30 | ### Check there is no container 31 | 32 | ![Streaming Inventory](data/streaming-inventory.png) 33 | 34 | ### Check Configlets are not present 35 | 36 | ![Configlets](data/cloudvision-initial-configlet.png) 37 | 38 | > CloudVision might have some configlets, but none with AVD related content. 39 | 40 | ## Upload custom configlets to Cloudvision. 41 | 42 | These configlets are managed outside of AVD project and can provide additional elements not generated by Arista Validated Design. In this example, we upload a configlet with a list of useful aliases. 43 | 44 | ```shell 45 | $ ansible-playbook playbooks/dc1-upload-configlets.yml 46 | ... 47 | ``` 48 | 49 | ![Uploaded Configlets](data/cloudvision-uploaded-configlets.png) 50 | 51 | ## Run Ansible playbook to rollout EVPN Fabric 52 | 53 | A set of tags are available, but it is recommended to execute playbook in a row: 54 | 55 | ### Playbook overview 56 | 57 | Playbook: [`playbooks/dc1-fabric-deploy-cvp.yml`](playbooks/dc1-fabric-deploy-cvp.yml) 58 | 59 | Playbook manage following actions: 60 | 61 | - Generate Variables for CVP structure: 62 | - List of configlets 63 | - Containers topology 64 | - List of devices. 65 | - Collect CloudVision Facts 66 | - Deploy Configlets to CloudVision 67 | - Build Containers Topology 68 | - Configure devices with correct configlet and container. 69 | - Execute created tasks (wait 5 minutes while devices reboot) 70 | 71 | This playbook supports 2 tags to run demo step by step: 72 | 73 | - __build__: Generate configuration. 74 | - __provision__: Push content to CloudVision. 75 | 76 | ### Run Playbook 77 | 78 | #### Generate EOS Configuration 79 | 80 | Use tag `build` to only generate 81 | 82 | - [EOS structured configuration(YAML)](inventory/intended/structured_configs/) 83 | - [EOS configuration](inventory/intended/configs/) 84 | - [EOS Documentation](inventory/documentation/) 85 | - [CloudVision parameters](inventory/intended/structured_configs/cvp/cv_server.yml) 86 | 87 | ```shell 88 | # Deploy EVPN/VXLAN Fabric 89 | $ ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags build 90 | 91 | TASK [eos_l3ls_evpn : Include device structured configuration, that was previously generated.] 92 | ok: [DC1-SPINE1 -> localhost] 93 | ok: [DC1-SPINE2 -> localhost] 94 | ok: [DC1-LEAF1A -> localhost] 95 | ok: [DC1-LEAF1B -> localhost] 96 | ok: [DC1-LEAF2A -> localhost] 97 | ok: [DC1-LEAF2B -> localhost] 98 | 99 | TASK [eos_l3ls_evpn : Generate EVPN fabric documentation in Markdown Format.] 100 | changed: [DC1-SPINE1 -> localhost] 101 | 102 | TASK [eos_l3ls_evpn : Generate Leaf and Spine Point-To-Point Links summary in csv format.] 103 | changed: [DC1-SPINE1 -> localhost] 104 | 105 | TASK [eos_l3ls_evpn : Generate Fabric Topology in csv format.] 106 | changed: [DC1-SPINE1 -> localhost] 107 | 108 | TASK [eos_cli_config_gen : include device intended structure configuration variables] 109 | ok: [DC1-SPINE1 -> localhost] 110 | ok: [DC1-SPINE2 -> localhost] 111 | ok: [DC1-LEAF1A -> localhost] 112 | ok: [DC1-LEAF1B -> localhost] 113 | ok: [DC1-LEAF2A -> localhost] 114 | ok: [DC1-LEAF2B -> localhost] 115 | 116 | TASK [eos_cli_config_gen : Generate eos intended configuration] 117 | ok: [DC1-LEAF2A -> localhost] 118 | ok: [DC1-SPINE1 -> localhost] 119 | ok: [DC1-LEAF1A -> localhost] 120 | ok: [DC1-LEAF2B -> localhost] 121 | ok: [DC1-SPINE2 -> localhost] 122 | ok: [DC1-LEAF1B -> localhost] 123 | 124 | TASK [eos_cli_config_gen : Generate device documentation] 125 | changed: [DC1-SPINE1 -> localhost] 126 | changed: [DC1-LEAF1A -> localhost] 127 | changed: [DC1-LEAF2A -> localhost] 128 | changed: [DC1-SPINE2 -> localhost] 129 | changed: [DC1-LEAF1B -> localhost] 130 | changed: [DC1-LEAF2B -> localhost] 131 | 132 | PLAY [Configuration deployment with CVP] 133 | 134 | TASK [eos_config_deploy_cvp : generate intented variables] 135 | ok: [cv_server] 136 | 137 | TASK [eos_config_deploy_cvp : Build DEVICES and CONTAINER definition for cv_server] 138 | changed: [cv_server -> localhost] 139 | 140 | TASK [eos_config_deploy_cvp : Load CVP device information for cv_server] 141 | ok: [cv_server] 142 | 143 | PLAY RECAP 144 | DC1-LEAF1A : ok=5 changed=1 unreachable=0 failed=0 ... 145 | DC1-LEAF1B : ok=5 changed=1 unreachable=0 failed=0 ... 146 | DC1-LEAF2A : ok=5 changed=1 unreachable=0 failed=0 ... 147 | DC1-LEAF2B : ok=5 changed=1 unreachable=0 failed=0 ... 148 | DC1-SPINE1 : ok=8 changed=4 unreachable=0 failed=0 ... 149 | DC1-SPINE2 : ok=5 changed=1 unreachable=0 failed=0 ... 150 | cv_server : ok=3 changed=1 unreachable=0 failed=0 ... 151 | ``` 152 | 153 | All outputs are part of following folders: 154 | 155 | - Intended YAML configuration: [`inventory/intended/structured_configs`](inventory/intended/structured_configs) 156 | - Intended EOS configuration files: [`inventory/intended/configs`](inventory/intended/configs) 157 | - Documentation: [`inventory/documentation`](inventory/documentation) 158 | 159 | #### Provision CloudVision Server 160 | 161 | Use tag `provision` to deploy configuration to CloudVision and prepare devices to be updated: 162 | 163 | - Create configlets on CloudVision servers 164 | - Create containers on CloudVision using inventory structure 165 | - Move devices to containers 166 | - Attach configlets to devices. 167 | 168 | This tag does not execute any pending tasks. It is a manual action that can be done with a Change Control. 169 | If you want to automatically deploy, just use `execute_tasks: True` in `eos_config_deploy_cvp` role. 170 | 171 | ```shell 172 | # Deploy EVPN/VXLAN Fabric 173 | $ ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags provision 174 | ``` 175 | 176 | #### Execute Pending tasks using a change control 177 | 178 | Go to _Provisioning > Change Control_ to create a new change control 179 | 180 | ![Change Control Example](data/figure-2-cloudvision-change-control.png) 181 | 182 | This change control is an example and you are free to build structure you want. In this scenario, all tasks can be run in parallel as we just rollout an EVPN/VXLAN fabric. 183 | 184 | ## Analyze result 185 | 186 | Once devices rebooted, you can review fabric status on devices themselfs or on on CloudVision as well. 187 | 188 | ### Topology Update 189 | 190 | Topology has been updated accordingly 191 | 192 | ![Lab Topology](data/cloudvision-device-topology.png) 193 | 194 | ### Configlet list 195 | 196 | A set of new configlets have been configured on CloudVision and attached to devices 197 | 198 | ![Lab Topology](data/cloudvision-deployed-configlet.png) 199 | 200 | ### Check device status 201 | 202 | To validate deployment, connect to devices and issue some commands: 203 | 204 | ### BGP Status 205 | 206 | ```shell 207 | DC1-LEAF1B#show bgp evpn summary 208 | BGP summary information for VRF default 209 | Router identifier 192.168.255.4, local AS number 65101 210 | Neighbor V AS MsgRcvd MsgSent InQ OutQ Up/Down State PfxRcd PfxAcc 211 | 192.168.255.1 4 65001 56 66 0 0 00:00:36 Estab 86 86 212 | 192.168.255.2 4 65001 55 39 0 0 00:00:44 Estab 86 86 213 | ``` 214 | 215 | ### VXLAN address table 216 | 217 | ```shell 218 | DC1-LEAF1B#show vxlan address-table 219 | Vxlan Mac Address Table 220 | ---------------------------------------------------------------------- 221 | 222 | VLAN Mac Address Type Prt VTEP Moves Last Move 223 | ---- ----------- ---- --- ---- ----- --------- 224 | 1191 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:04 ago 225 | 1192 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:02 ago 226 | 1193 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:04 ago 227 | 1194 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:02 ago 228 | 1195 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:02 ago 229 | 1196 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:02 ago 230 | 1197 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:04 ago 231 | 1198 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:04 ago 232 | 1199 0e1d.c07f.d96c EVPN Vx1 192.168.254.5 1 0:00:02 ago 233 | Total Remote Mac Addresses for this criterion: 9 234 | ``` 235 | 236 | ### Check device connectivity 237 | 238 | Connect on server 01 and issue a ping to server 02. 239 | 240 | ```shell 241 | root@Server01:~# ping 10.1.10.12 -c 5 242 | PING 10.1.10.12 (10.1.10.12) 56(84) bytes of data. 243 | 64 bytes from 10.1.10.12: icmp_seq=1 ttl=64 time=0.033 ms 244 | 64 bytes from 10.1.10.12: icmp_seq=2 ttl=64 time=0.026 ms 245 | 64 bytes from 10.1.10.12: icmp_seq=3 ttl=64 time=0.021 ms 246 | 64 bytes from 10.1.10.12: icmp_seq=4 ttl=64 time=0.026 ms 247 | 64 bytes from 10.1.10.12: icmp_seq=5 ttl=64 time=0.034 ms 248 | 249 | --- 10.1.10.12 ping statistics --- 250 | 5 packets transmitted, 5 received, 0% packet loss, time 3998ms 251 | rtt min/avg/max/mdev = 0.021/0.028/0.034/0.004 ms 252 | ``` 253 | 254 | ## Revert topology 255 | 256 | Once demo is over, you can revert to previous stage: 257 | 258 | - Reset devices to ZTP mode (Only devices part of the demo) 259 | - Remove configlet deployed previously 260 | - Remove dedicated container topology 261 | - Reboot devices 262 | 263 | Playbook: [`dc1-fabric-reset-cvp.yml`](dc1-fabric-reset-cvp.yml) 264 | 265 | ```shell 266 | # Reset EVPN/VXLAN Fabric tp ZTP 267 | $ ansible-playbook playbooks/dc1-fabric-reset-cvp.yml 268 | ``` 269 | 270 | > Revert will reset all devices to Factory default and ZTP mode ! 271 | -------------------------------------------------------------------------------- /INSTALLATION.md: -------------------------------------------------------------------------------- 1 | # Installation Process 2 | 3 | This document explain how to customize demo information and how to setup this environment. 4 | 5 | 6 | 7 | - [Installation Process](#installation-process) 8 | - [Demonstration requirements.](#demonstration-requirements) 9 | - [Components](#components) 10 | - [IP Address management](#ip-address-management) 11 | - [Configure Python environment.](#configure-python-environment) 12 | - [Configure DHCP server on CloudVision](#configure-dhcp-server-on-cloudvision) 13 | - [Ansible playbook approach](#ansible-playbook-approach) 14 | - [Manual approach](#manual-approach) 15 | - [Update Inventory](#update-inventory) 16 | - [Update Fabric information](#update-fabric-information) 17 | 18 | 19 | 20 | ## Demonstration requirements. 21 | 22 | ### Components 23 | 24 | - A cloudVision server running version `>= 2018.2.5` 25 | - A network topology: 26 | - Demo is based on a 2 spines / 4 leafs running on GNS3 27 | - Any physical or virtual topology with oob connected to CVP should work. 28 | - A python environmentwith CloudVision access. 29 | 30 | ![Lab Topology](data/lab-topology.png) 31 | 32 | ### IP Address management 33 | 34 | - ___CloudVision IP address___: 35 | - Cluster interface: eth0 / Should use your own IP address 36 | - Device interface: eth1 / `10.255.0.1/24` 37 | - ___Management Network___: `10.255.0.0/24` 38 | - _DC1-SPINE1_: `10.255.0.11/24` 39 | - _DC1-SPINE2_: `10.255.0.12/24` 40 | - _DC1-LEAF1A_: `10.255.0.13/24` 41 | - _DC1-LEAF1B_: `10.255.0.14/24` 42 | - _DC1-LEAF2A_: `10.255.0.15/24` 43 | - _DC1-LEAF2B_: `10.255.0.16/24` 44 | - _DC1-L2LEAF1A_: `10.255.0.17/24` 45 | - _DC1-L2LEAF2B_: `10.255.0.18/24` 46 | - ___Default Username & Password___: 47 | - admin / arista123 48 | - cvpdamin / arista123 49 | - ansible / ansible 50 | - ___Servers configuration___: 51 | - Server 01: eth0 / `10.1.10.11/24` 52 | - Server 02: eth0 / `10.1.10.12/24` 53 | 54 | This management IP addresses are used in a private virtual-network between CloudVision and Arista EOS devices. 55 | 56 | ## Configure Python environment. 57 | 58 | First, clone repository and all the sub-modules configured: 59 | 60 | ```shell 61 | # Clone repository 62 | $ git clone git clone https://github.com/arista-netdevops-community/ansible-avd-cloudvision-demo.git 63 | 64 | # Move to folder 65 | $ cd ansible-avd-cloudvision-demo 66 | 67 | # Run demo shell using docker 68 | # Makefile approach 69 | $ make shell 70 | # Manual installation 71 | $ docker pull avdteam/base:3.6 72 | $ docker run --rm -it \ 73 | -v ./:/projects \ 74 | -v /etc/hosts:/etc/hosts avdteam/base:3.6 75 | 76 | # Install required ansible collections 77 | # Makefile approach 78 | $ make install 79 | # Manual installation 80 | $ ansible-galaxy collection install arista.avd:==2.0.0 81 | $ ansible-galaxy collection install arista.cvp:==2.1.2 82 | ``` 83 | 84 | ## Configure DHCP server on CloudVision 85 | 86 | In this scenario, we use CloudVision (CV) as ZTP server to provision devices and register them onto CV. 87 | 88 | Once you get mac-address of your switches, edit file `/etc/dhcp/dhcpd.conf` in CloudVision. In this scenario, CV use following address to connect to devices: `10.255.0.1` 89 | 90 | If CVP has not been configured to activate ZTP services, it is higly recommended to follow [these steps](https://www.arista.com/en/cg-cv/cv-dhcp-service-for-zero-touch-provisioning-ztp-setup) 91 | 92 | ### Ansible playbook approach 93 | 94 | An ansible playbook is available to configure CloudVision to act as a DHCP server for your lab: 95 | 96 | - Edit variables in [__inventory/group_vars/CVP.yml__](inventory/group_vars/CVP.yml) 97 | 98 | ```yaml 99 | vars: 100 | ztp: 101 | default: 102 | registration: 'http://10.255.0.1/ztp/bootstrap' 103 | gateway: 10.255.0.3 104 | nameservers: 105 | - '10.255.0.3' 106 | general: 107 | subnets: 108 | - network: 10.255.0.0 109 | netmask: 255.255.255.0 110 | gateway: 10.255.0.3 111 | nameservers: 112 | - '10.255.0.3' 113 | start: 10.255.0.200 114 | end: 10.255.0.250 115 | lease_time: 300 116 | clients: 117 | - name: DC1-SPINE1 118 | mac: "0c:1d:c0:1d:62:01" 119 | ip4: 10.255.0.11 120 | ``` 121 | 122 | > Please ensure to use quote to define your mac-address. Otherwise in some cases, ansible might consider them as HEX string. 123 | 124 | - Edit information related to ztp host in [__inventory/inventory.yml__](inventory/inventory.yml) 125 | 126 | ```yaml 127 | all: 128 | children: 129 | CVP: 130 | hosts: 131 | ztp: 132 | ansible_host: 10.83.28.164 133 | ansible_user: root 134 | ansible_password: ansible 135 | cvp: 136 | ansible_httpapi_host: 10.83.28.164 137 | ansible_host: 10.83.28.164 138 | ansible_user: ansible 139 | ansible_password: ansible 140 | [...] 141 | ansible_httpapi_port: 443 142 | # Configuration to get Virtual Env information 143 | ansible_python_interpreter: $(which python) 144 | ``` 145 | 146 | - Run playbook: 147 | 148 | ```shell 149 | $ ansible-playbook playbooks/dc1-ztp-configuration.yml 150 | 151 | PLAY [Configure ZTP service on CloudVision] ***************** 152 | 153 | TASK [ztp-setup : Generate DHCPd configuration file] ******** 154 | ok: [ztp] 155 | 156 | TASK [ztp-setup : Check & activate DHCP service on ztp] ***** 157 | ok: [ztp] 158 | 159 | TASK [ztp-setup : Restart DHCP service on ztp] ************** 160 | changed: [ztp] 161 | 162 | PLAY RECAP ************************************************** 163 | ztp : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 164 | ``` 165 | 166 | ### Manual approach 167 | 168 | On your DHCP server, create configuration for all your devices. Below is an example for isc-dhcpd server. 169 | 170 | ```shell 171 | $ vi /etc/dhcp/dhcpd.conf 172 | 173 | subnet 10.255.0.0 netmask 255.255.255.0 { 174 | range 10.255.0.200 10.255.0.250; 175 | option routers 10.255.0.1; 176 | option domain-name-servers 10.83.28.52, 10.83.29.222; 177 | option bootfile-name "http://10.255.0.1/ztp/bootstrap"; 178 | } 179 | 180 | host DC1-SPINE1 { 181 | option host-name "DC1-SPINE1"; 182 | hardware ethernet 0c:1d:c0:1d:62:01; 183 | fixed-address 10.255.0.11; 184 | option bootfile-name "http://10.255.0.1/ztp/bootstrap"; 185 | } 186 | 187 | [...] 188 | 189 | ``` 190 | 191 | > Be sure to update ethernet address to match MAC addresses configured on your switches. 192 | 193 | Then, restart your DHCP server: 194 | 195 | ```shell 196 | $ service dhcpd restart 197 | ``` 198 | 199 | From here, you can start your devices and let CVP register them into `undefined` container. 200 | 201 | ## Update Inventory 202 | 203 | In the [__inventory/inventory.yml__](inventory/inventory.yml), update CloudVision information to target your own setup: 204 | 205 | ```yaml 206 | # inventory.yml 207 | all: 208 | children: 209 | CVP: 210 | hosts: 211 | ztp: 212 | ansible_host: 10.83.28.164 213 | ansible_user: root 214 | ansible_password: ansible 215 | cvp: 216 | ansible_httpapi_host: 10.83.28.164 217 | ansible_host: 10.83.28.164 218 | ansible_user: ansible 219 | ansible_password: ansible 220 | [...] 221 | ansible_httpapi_port: 443 222 | # Configuration to get Virtual Env information 223 | ansible_python_interpreter: $(which python) 224 | ``` 225 | 226 | Because Ansible will never connect to devices, there is no reason to configure IP address for EOS devices in [inventory file](inventory.ini). 227 | 228 | ## Update Fabric information 229 | 230 | > If you do not change IP addresses described above, this section is optional. 231 | 232 | __Edit [DC1_FABRIC.yml](inventory/group_vars/DC1_FABRIC.yml)__ 233 | 234 | - Add / Remove devices in the list. 235 | - Management IP of every device. 236 | 237 | In this example, we only use `spine` and `l3leafs` devices. Below is an example for `l3leafs`: 238 | 239 | ```yaml 240 | node_groups: 241 | DC1_LEAF1: 242 | bgp_as: 65101 243 | nodes: 244 | DC1-LEAF1A: 245 | id: 1 246 | mgmt_ip: 10.255.0.13/24 247 | spine_interfaces: [ Ethernet1, Ethernet1 ] 248 | DC1-LEAF1B: 249 | id: 2 250 | mgmt_ip: 10.255.0.14/24 251 | spine_interfaces: [ Ethernet2, Ethernet2 ] 252 | ``` 253 | 254 | You can also configure additional configlets available on Cloudvision to deploy additional configuration not generated by AVD project. These configlets **MUST** already be configured on CV side prior to run playbook. 255 | 256 | ```yaml 257 | # List of additional CVP configlets to bind to devices and containers 258 | # Configlets MUST be configured on CVP before running AVD playbooks. 259 | cv_configlets: 260 | containers: 261 | DC1_L3LEAFS: 262 | - ASE_GLOBAL-ALIASES 263 | devices: 264 | DC1-L2LEAF1A: 265 | - ASE_DEVICE-ALIASES.conf 266 | ``` 267 | 268 | __Edit [DC1.yml](inventory/group_vars/DC1.yml)__ 269 | 270 | - Manage your username. Configured username and password are: 271 | - admin / arista123 272 | - cvpdamin / arista123 273 | - ansible / ansible 274 | 275 | ```yaml 276 | # local users 277 | local_users: 278 | admin: 279 | privilege: 15 280 | role: network-admin 281 | sha512_password: "$6$Df86..." 282 | ``` 283 | 284 | You must use same user on CVP and EOS for the demo. 285 | 286 | - Update Ingest key. Default setup is none. 287 | - Update CVP IP address. 288 | 289 | ```yaml 290 | # Cloud Vision server information 291 | cvp_instance_ip: 10.255.0.1 292 | cvp_ingestauth_key: '' 293 | ``` 294 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2020, Arista Networks 2 | All rights reserved. 3 | 4 | Apache License 5 | Version 2.0, January 2004 6 | http://www.apache.org/licenses/ 7 | 8 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 9 | 10 | 1. Definitions. 11 | 12 | "License" shall mean the terms and conditions for use, reproduction, 13 | and distribution as defined by Sections 1 through 9 of this document. 14 | 15 | "Licensor" shall mean the copyright owner or entity authorized by 16 | the copyright owner that is granting the License. 17 | 18 | "Legal Entity" shall mean the union of the acting entity and all 19 | other entities that control, are controlled by, or are under common 20 | control with that entity. For the purposes of this definition, 21 | "control" means (i) the power, direct or indirect, to cause the 22 | direction or management of such entity, whether by contract or 23 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 24 | outstanding shares, or (iii) beneficial ownership of such entity. 25 | 26 | "You" (or "Your") shall mean an individual or Legal Entity 27 | exercising permissions granted by this License. 28 | 29 | "Source" form shall mean the preferred form for making modifications, 30 | including but not limited to software source code, documentation 31 | source, and configuration files. 32 | 33 | "Object" form shall mean any form resulting from mechanical 34 | transformation or translation of a Source form, including but 35 | not limited to compiled object code, generated documentation, 36 | and conversions to other media types. 37 | 38 | "Work" shall mean the work of authorship, whether in Source or 39 | Object form, made available under the License, as indicated by a 40 | copyright notice that is included in or attached to the work 41 | (an example is provided in the Appendix below). 42 | 43 | "Derivative Works" shall mean any work, whether in Source or Object 44 | form, that is based on (or derived from) the Work and for which the 45 | editorial revisions, annotations, elaborations, or other modifications 46 | represent, as a whole, an original work of authorship. For the purposes 47 | of this License, Derivative Works shall not include works that remain 48 | separable from, or merely link (or bind by name) to the interfaces of, 49 | the Work and Derivative Works thereof. 50 | 51 | "Contribution" shall mean any work of authorship, including 52 | the original version of the Work and any modifications or additions 53 | to that Work or Derivative Works thereof, that is intentionally 54 | submitted to Licensor for inclusion in the Work by the copyright owner 55 | or by an individual or Legal Entity authorized to submit on behalf of 56 | the copyright owner. For the purposes of this definition, "submitted" 57 | means any form of electronic, verbal, or written communication sent 58 | to the Licensor or its representatives, including but not limited to 59 | communication on electronic mailing lists, source code control systems, 60 | and issue tracking systems that are managed by, or on behalf of, the 61 | Licensor for the purpose of discussing and improving the Work, but 62 | excluding communication that is conspicuously marked or otherwise 63 | designated in writing by the copyright owner as "Not a Contribution." 64 | 65 | "Contributor" shall mean Licensor and any individual or Legal Entity 66 | on behalf of whom a Contribution has been received by Licensor and 67 | subsequently incorporated within the Work. 68 | 69 | 2. Grant of Copyright License. Subject to the terms and conditions of 70 | this License, each Contributor hereby grants to You a perpetual, 71 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 72 | copyright license to reproduce, prepare Derivative Works of, 73 | publicly display, publicly perform, sublicense, and distribute the 74 | Work and such Derivative Works in Source or Object form. 75 | 76 | 3. Grant of Patent License. Subject to the terms and conditions of 77 | this License, each Contributor hereby grants to You a perpetual, 78 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 79 | (except as stated in this section) patent license to make, have made, 80 | use, offer to sell, sell, import, and otherwise transfer the Work, 81 | where such license applies only to those patent claims licensable 82 | by such Contributor that are necessarily infringed by their 83 | Contribution(s) alone or by combination of their Contribution(s) 84 | with the Work to which such Contribution(s) was submitted. If You 85 | institute patent litigation against any entity (including a 86 | cross-claim or counterclaim in a lawsuit) alleging that the Work 87 | or a Contribution incorporated within the Work constitutes direct 88 | or contributory patent infringement, then any patent licenses 89 | granted to You under this License for that Work shall terminate 90 | as of the date such litigation is filed. 91 | 92 | 4. Redistribution. You may reproduce and distribute copies of the 93 | Work or Derivative Works thereof in any medium, with or without 94 | modifications, and in Source or Object form, provided that You 95 | meet the following conditions: 96 | 97 | (a) You must give any other recipients of the Work or 98 | Derivative Works a copy of this License; and 99 | 100 | (b) You must cause any modified files to carry prominent notices 101 | stating that You changed the files; and 102 | 103 | (c) You must retain, in the Source form of any Derivative Works 104 | that You distribute, all copyright, patent, trademark, and 105 | attribution notices from the Source form of the Work, 106 | excluding those notices that do not pertain to any part of 107 | the Derivative Works; and 108 | 109 | (d) If the Work includes a "NOTICE" text file as part of its 110 | distribution, then any Derivative Works that You distribute must 111 | include a readable copy of the attribution notices contained 112 | within such NOTICE file, excluding those notices that do not 113 | pertain to any part of the Derivative Works, in at least one 114 | of the following places: within a NOTICE text file distributed 115 | as part of the Derivative Works; within the Source form or 116 | documentation, if provided along with the Derivative Works; or, 117 | within a display generated by the Derivative Works, if and 118 | wherever such third-party notices normally appear. The contents 119 | of the NOTICE file are for informational purposes only and 120 | do not modify the License. You may add Your own attribution 121 | notices within Derivative Works that You distribute, alongside 122 | or as an addendum to the NOTICE text from the Work, provided 123 | that such additional attribution notices cannot be construed 124 | as modifying the License. 125 | 126 | You may add Your own copyright statement to Your modifications and 127 | may provide additional or different license terms and conditions 128 | for use, reproduction, or distribution of Your modifications, or 129 | for any such Derivative Works as a whole, provided Your use, 130 | reproduction, and distribution of the Work otherwise complies with 131 | the conditions stated in this License. 132 | 133 | 5. Submission of Contributions. Unless You explicitly state otherwise, 134 | any Contribution intentionally submitted for inclusion in the Work 135 | by You to the Licensor shall be under the terms and conditions of 136 | this License, without any additional terms or conditions. 137 | Notwithstanding the above, nothing herein shall supersede or modify 138 | the terms of any separate license agreement you may have executed 139 | with Licensor regarding such Contributions. 140 | 141 | 6. Trademarks. This License does not grant permission to use the trade 142 | names, trademarks, service marks, or product names of the Licensor, 143 | except as required for reasonable and customary use in describing the 144 | origin of the Work and reproducing the content of the NOTICE file. 145 | 146 | 7. Disclaimer of Warranty. Unless required by applicable law or 147 | agreed to in writing, Licensor provides the Work (and each 148 | Contributor provides its Contributions) on an "AS IS" BASIS, 149 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 150 | implied, including, without limitation, any warranties or conditions 151 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 152 | PARTICULAR PURPOSE. You are solely responsible for determining the 153 | appropriateness of using or redistributing the Work and assume any 154 | risks associated with Your exercise of permissions under this License. 155 | 156 | 8. Limitation of Liability. In no event and under no legal theory, 157 | whether in tort (including negligence), contract, or otherwise, 158 | unless required by applicable law (such as deliberate and grossly 159 | negligent acts) or agreed to in writing, shall any Contributor be 160 | liable to You for damages, including any direct, indirect, special, 161 | incidental, or consequential damages of any character arising as a 162 | result of this License or out of the use or inability to use the 163 | Work (including but not limited to damages for loss of goodwill, 164 | work stoppage, computer failure or malfunction, or any and all 165 | other commercial damages or losses), even if such Contributor 166 | has been advised of the possibility of such damages. 167 | 168 | 9. Accepting Warranty or Additional Liability. While redistributing 169 | the Work or Derivative Works thereof, You may choose to offer, 170 | and charge a fee for, acceptance of support, warranty, indemnity, 171 | or other liability obligations and/or rights consistent with this 172 | License. However, in accepting such obligations, You may act only 173 | on Your own behalf and on Your sole responsibility, not on behalf 174 | of any other Contributor, and only if You agree to indemnify, 175 | defend, and hold each Contributor harmless for any liability 176 | incurred by, or claims asserted against, such Contributor by reason 177 | of your accepting any such warranty or additional liability. 178 | 179 | END OF TERMS AND CONDITIONS 180 | 181 | APPENDIX: How to apply the Apache License to your work. 182 | 183 | To apply the Apache License to your work, attach the following 184 | boilerplate notice, with the fields enclosed by brackets "[]" 185 | replaced with your own identifying information. (Don't include 186 | the brackets!) The text should be enclosed in the appropriate 187 | comment syntax for the file format. We also recommend that a 188 | file or class name and description of purpose be included on the 189 | same "printed page" as the copyright notice for easier 190 | identification within third-party archives. 191 | 192 | Copyright 2019 Arista Networks 193 | 194 | Licensed under the Apache License, Version 2.0 (the "License"); 195 | you may not use this file except in compliance with the License. 196 | You may obtain a copy of the License at 197 | 198 | http://www.apache.org/licenses/LICENSE-2.0 199 | 200 | Unless required by applicable law or agreed to in writing, software 201 | distributed under the License is distributed on an "AS IS" BASIS, 202 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 203 | See the License for the specific language governing permissions and 204 | limitations under the License. -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | CONTAINER ?= avdteam/base:3.8-edge 2 | VSCODE_CONTAINER ?= avdteam/vscode:latest 3 | VSCODE_PORT ?= 8080 4 | HOME_DIR = $(shell pwd) 5 | AVD_COLLECTION_VERSION ?= 3.1.0 6 | CVP_COLLECTION_VERSION ?= 3.2.0 7 | 8 | help: ## Display help message 9 | @grep -E '^[0-9a-zA-Z_-]+\.*[0-9a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' 10 | 11 | ################################################################################ 12 | # AVD Commands 13 | ################################################################################ 14 | 15 | .PHONY: build 16 | build: ## Run ansible playbook to build EVPN Fabric configuration. 17 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags build 18 | 19 | .PHONY: provision 20 | provision: ## Run ansible playbook to deploy EVPN Fabric. 21 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --tags provision 22 | 23 | .PHONY: deploy 24 | deploy: ## Run ansible playbook to deploy EVPN Fabric. 25 | ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml --extra-vars "execute_tasks=true" --tags "build,provision,apply" 26 | 27 | .PHONY: reset 28 | reset: ## Run ansible playbook to reset all devices. 29 | ansible-playbook playbooks/dc1-fabric-reset-cvp.yml 30 | 31 | .PHONY: ztp 32 | ztp: ## Configure ZTP server 33 | ansible-playbook playbooks/dc1-ztp-configuration.yml 34 | 35 | .PHONY: configlet-upload 36 | configlet-upload: ## Upload configlets available in configlets/ to CVP. 37 | ansible-playbook playbooks/dc1-upload-configlets.yml 38 | 39 | .PHONY: install-git 40 | install-git: ## Install Ansible collections from git 41 | git clone --depth 1 --branch v$(AVD_COLLECTION_VERSION) https://github.com/aristanetworks/ansible-avd.git 42 | git clone --depth 1 --branch v$(CVP_COLLECTION_VERSION) https://github.com/aristanetworks/ansible-cvp.git 43 | pip3 install -r ansible-avd/development/requirements.txt 44 | 45 | .PHONY: install 46 | install: ## Install Ansible collections 47 | ansible-galaxy collection install arista.avd:==${AVD_COLLECTION_VERSION} 48 | ansible-galaxy collection install arista.cvp:==${CVP_COLLECTION_VERSION} 49 | 50 | .PHONY: uninstall 51 | uninstall: ## Remove collection from ansible 52 | rm -rf ansible-avd 53 | rm -rf ansible-cvp 54 | 55 | .PHONY: webdoc 56 | webdoc: ## Build documentation to publish static content 57 | mkdocs build -f mkdocs.yml 58 | 59 | .PHONY: shell 60 | shell: ## Start docker to get a preconfigured shell 61 | docker pull $(CONTAINER) && \ 62 | docker run --rm -it \ 63 | -v $(HOME_DIR)/:/projects \ 64 | -v /etc/hosts:/etc/hosts $(CONTAINER) 65 | 66 | .PHONY: vscode 67 | vscode: ## Run a vscode server on port 8080 68 | docker run --rm -it -d \ 69 | -e AVD_GIT_USER="$(git config --get user.name)" \ 70 | -e AVD_GIT_EMAIL="$(git config --get user.email)" \ 71 | -v $(HOME_DIR):/home/avd/ansible-avd-cloudvision-demo \ 72 | -p $(VSCODE_PORT):8080 $(VSCODE_CONTAINER) 73 | @echo "---------------" 74 | @echo "VScode for AVD: http://127.0.0.1:$(VSCODE_PORT)/?folder=/home/avd/ansible-avd-cloudvision-demo" 75 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ![](https://img.shields.io/badge/Arista-CVP%20Automation-blue) ![](https://img.shields.io/badge/Arista-EOS%20Automation-blue) ![Ansible Code Execution](https://github.com/arista-netdevops-community/ansible-avd-cloudvision-demo/workflows/Ansible%20Code%20Execution/badge.svg) ![GitHub](https://img.shields.io/github/license/arista-netdevops-community/ansible-avd-cloudvision-demo) 2 | # Arista Validated Design with CloudVision deployment 3 | 4 | ## About 5 | 6 | This example implement a basic __EVPN/VXLAN Fabric__ based on __[Arista Validated Design roles](https://github.com/aristanetworks/ansible-avd)__ with one layer of 2 spines and one layer of leafs (4 devices) using MLAG. Configuration deployment is not managed by eos EAPI, but through Arista CloudVision based on __[arista.cvp collection](https://github.com/aristanetworks/ansible-cvp/)__ 7 | 8 | It helps to demonstrate how to bring up an Arista EVPN/VXLAN Fabric from the first boot. 9 | 10 | ![Lab Topology](data/cloudvision-device-topology.png) 11 | 12 | > Lab is based on EVE-NG topology and a CloudVision server running on a VMware instance. A complete guide to setup Arista EOS devices on EVE is available on [AVD website](https://avd.sh/en/latest/docs/how-to/lab-with-nat/) 13 | 14 | ## Getting Started 15 | 16 | For detailed setup and demo, please refer to [resources](#resources) below. 17 | 18 | > It is recommended to use [docker image](https://hub.docker.com/repository/docker/avdteam/base) with all [arista.cvp](https://github.com/aristanetworks/ansible-cvp) and [arista.avd](https://github.com/aristanetworks/ansible-avd) [requirements](https://avd.sh/en/latest/docs/installation/requirements/). It is done with `make shell` command. 19 | 20 | ```shell 21 | # Clone repository 22 | $ git clone https://github.com/arista-netdevops-community/ansible-avd-cloudvision-demo.git 23 | 24 | # Move to folder 25 | $ cd ansible-avd-cloudvision-demo 26 | 27 | # Run demo shell using docker (optional) 28 | $ make shell 29 | 30 | # Install required ansible collections 31 | $ ansible-galaxy collection install arista.avd:==2.0.0 32 | $ ansible-galaxy collection install arista.cvp:==2.1.2 33 | 34 | # Edit Inventory information & Authentication information 35 | $ vim inventory/inventory.yml 36 | 37 | # Edit ZTP information 38 | $ vim inventory/group_vars/CVP.yml 39 | 40 | # Provision Zero Touch Provisioning server 41 | $ ansible-playbook playbooks/dc1-ztp-configuration.yml 42 | 43 | # Power Up devices 44 | # Wait for devices to be available in CVP 45 | 46 | # Run Ansible playbook 47 | $ ansible-playbook playbooks/dc1-fabric-deploy-cvp.yml 48 | ``` 49 | 50 | > Getting started does not include management IP configuration. For complete installation, please refer to [installation guide](INSTALLATION.md) to configure correct environment. 51 | 52 | ## Resources 53 | 54 | - Ansible [Arista Validated Design](https://github.com/aristanetworks/ansible-avd) repository. 55 | - [Ansible CloudVision Collection](https://github.com/aristanetworks/ansible-cvp) repository. 56 | - [How to install](INSTALLATION.md) demo environment. 57 | - [Detailed demo script](DEMO.md). 58 | 59 | ## License 60 | 61 | Project is published under [Apache License](LICENSE). 62 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | host_key_checking = False 3 | inventory =./inventory/inventory.yml 4 | gathering = explicit 5 | retry_files_enabled = False 6 | filter_plugins = ansible-avd/plugins/filters 7 | roles_path = ansible-avd/roles 8 | library = ansible-avd/library 9 | collections_paths = ~/.ansible/collections:./ansible-cvp:./ansible-avd:../ansible-cvp:../ansible-avd:/usr/share/ansible/collections 10 | action_plugins = /usr/lib/python2.7/site-packages/napalm_ansible/plugins/action 11 | jinja2_extensions = jinja2.ext.loopcontrols,jinja2.ext.do,jinja2.ext.i18n 12 | # enable the YAML callback plugin. 13 | stdout_callback = yaml 14 | # enable the stdout_callback when running ad-hoc commands. 15 | bin_ansible_callbacks = True 16 | command_warnings=False 17 | 18 | [persistent_connection] 19 | connect_timeout = 120 20 | command_timeout = 120 21 | -------------------------------------------------------------------------------- /configlets/GLOBAL-ALIASES.conf: -------------------------------------------------------------------------------- 1 | alias sib show ip bgp 2 | alias sibs show ip bgp summary 3 | alias siib show ip int brief 4 | alias sir show ip route 5 | alias senz show interface counter error | nz 6 | alias snz show interface counter | nz 7 | alias sps show port-channel summary 8 | alias spd show port-channel %1 detail all 9 | alias sqnz show interface counter queue | nz 10 | alias srnz show interface counter rate | nz 11 | alias smac show mac address-table dynamic 12 | alias sarp show ip arp -------------------------------------------------------------------------------- /data/cloudvision-deployed-configlet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/cloudvision-deployed-configlet.png -------------------------------------------------------------------------------- /data/cloudvision-device-topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/cloudvision-device-topology.png -------------------------------------------------------------------------------- /data/cloudvision-initial-configlet.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/cloudvision-initial-configlet.png -------------------------------------------------------------------------------- /data/cloudvision-uploaded-configlets.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/cloudvision-uploaded-configlets.png -------------------------------------------------------------------------------- /data/cloudvision-ztpd-devices.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/cloudvision-ztpd-devices.png -------------------------------------------------------------------------------- /data/figure-2-cloudvision-change-control.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/figure-2-cloudvision-change-control.png -------------------------------------------------------------------------------- /data/lab-topology.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/lab-topology.png -------------------------------------------------------------------------------- /data/streaming-inventory.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/arista-netdevops-community/ansible-avd-cloudvision-demo/ba6774f809c145752dd1cef310b01db83092bcab/data/streaming-inventory.png -------------------------------------------------------------------------------- /inventory/documentation/DC1_FABRIC/DC1_FABRIC-p2p-links.csv: -------------------------------------------------------------------------------- 1 | type, Leaf Node,Leaf Interface,Leaf IP Address,Port-Channel,Peer Node,Peer Interface,Peer IP Address,Port-Channel 2 | L3 Leaf,DC1-LEAF1A,Ethernet1,172.31.255.1/31,N/A,DC1-SPINE1,Ethernet1,172.31.255.0/31,N/A 3 | L3 Leaf,DC1-LEAF1A,Ethernet2,172.31.255.3/31,N/A,DC1-SPINE2,Ethernet1,172.31.255.2/31,N/A 4 | L3 Leaf,DC1-LEAF1B,Ethernet1,172.31.255.5/31,N/A,DC1-SPINE1,Ethernet2,172.31.255.4/31,N/A 5 | L3 Leaf,DC1-LEAF1B,Ethernet2,172.31.255.7/31,N/A,DC1-SPINE2,Ethernet2,172.31.255.6/31,N/A 6 | L3 Leaf,DC1-LEAF2A,Ethernet1,172.31.255.9/31,N/A,DC1-SPINE1,Ethernet3,172.31.255.8/31,N/A 7 | L3 Leaf,DC1-LEAF2A,Ethernet2,172.31.255.11/31,N/A,DC1-SPINE2,Ethernet3,172.31.255.10/31,N/A 8 | L3 Leaf,DC1-LEAF2B,Ethernet1,172.31.255.13/31,N/A,DC1-SPINE1,Ethernet4,172.31.255.12/31,N/A 9 | L3 Leaf,DC1-LEAF2B,Ethernet2,172.31.255.15/31,N/A,DC1-SPINE2,Ethernet4,172.31.255.14/31,N/A 10 | L2 Leaf,DC1-L2LEAF1A,Ethernet1,N/A,Po1,DC1-LEAF1A,Ethernet5,N/A,Po5 11 | L2 Leaf,DC1-L2LEAF1A,Ethernet2,N/A,Po1,DC1-LEAF1B,Ethernet5,N/A,Po5 12 | L2 Leaf,DC1-L2LEAF2A,Ethernet1,N/A,Po1,DC1-LEAF2A,Ethernet5,N/A,Po5 13 | L2 Leaf,DC1-L2LEAF2A,Ethernet2,N/A,Po1,DC1-LEAF2B,Ethernet5,N/A,Po5 14 | -------------------------------------------------------------------------------- /inventory/documentation/DC1_FABRIC/DC1_FABRIC-topology.csv: -------------------------------------------------------------------------------- 1 | Node Type,Node,Node Interface,Peer Type,Peer,Peer Interface 2 | spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1 3 | spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1 4 | spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1 5 | spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1 6 | spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2 7 | spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2 8 | spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2 9 | spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2 10 | l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1 11 | l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1 12 | l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3 13 | l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4 14 | l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1 15 | l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2 16 | l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2 17 | l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3 18 | l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4 19 | l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2 20 | l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3 21 | l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3 22 | l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3 23 | l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4 24 | l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1 25 | l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4 26 | l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4 27 | l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3 28 | l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4 29 | l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2 30 | l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5 31 | l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5 32 | l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0 33 | l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5 34 | l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5 35 | l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0 36 | -------------------------------------------------------------------------------- /inventory/documentation/DC1_FABRIC/DC1_FABRIC.md: -------------------------------------------------------------------------------- 1 | # DC1_FABRIC 2 | 3 | ## Table of Contents 4 | 5 | - [DC1_FABRIC](#dc1fabric ) 6 | - [Fabric Switches and Management IP](#fabric-switches-and-management-ip) 7 | - [Fabric Topology](#fabric-topology) 8 | - [Fabric IP Allocation](#fabric-ip-allocation) 9 | - [Fabric Point-To-Point Links](#fabric-point-to-point-links) 10 | - [Point-To-Point Links Node Allocation](#point-to-point-links-node-allocation) 11 | - [Overlay Loopback Interfaces (BGP EVPN Peering)](#overlay-loopback-interfaces-bgp-evpn-peering) 12 | - [Loopback0 Interfaces Node Allocation](#loopback0-interfaces-node-allocation) 13 | - [VTEP Loopback VXLAN Tunnel Source Interfaces (Leafs Only)](#vtep-loopback-vxlan-tunnel-source-interfaces-leafs-only) 14 | - [VTEP Loopback Node allocation](#vtep-loopback-node-allocation) 15 | 16 | ## Fabric Switches and Management IP 17 | 18 | | Node | Management IP | Platform | 19 | | ---- | ------------- | -------- | 20 | | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | 21 | | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | 22 | | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | 23 | | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | 24 | | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | 25 | | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | 26 | | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | 27 | | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | 28 | 29 | ## Fabric Topology 30 | 31 | | Type | Leaf Node | Leaf Interface | Peer Node | Peer Interface | 32 | | ---- | --------- | -------------- | --------- | -------------- | 33 | | L3 Leaf | DC1-LEAF1A | Ethernet1 | DC1-SPINE1 | Ethernet1 | 34 | | L3 Leaf | DC1-LEAF1A | Ethernet2 | DC1-SPINE2 | Ethernet1 | 35 | | L3 Leaf | DC1-LEAF1B | Ethernet1 | DC1-SPINE1 | Ethernet2 | 36 | | L3 Leaf | DC1-LEAF1B | Ethernet2 | DC1-SPINE2 | Ethernet2 | 37 | | L3 Leaf | DC1-LEAF2A | Ethernet1 | DC1-SPINE1 | Ethernet3 | 38 | | L3 Leaf | DC1-LEAF2A | Ethernet2 | DC1-SPINE2 | Ethernet3 | 39 | | L3 Leaf | DC1-LEAF2B | Ethernet1 | DC1-SPINE1 | Ethernet4 | 40 | | L3 Leaf | DC1-LEAF2B | Ethernet2 | DC1-SPINE2 | Ethernet4 | 41 | | L2 Leaf | DC1-L2LEAF1A | Ethernet1 | DC1-LEAF1A | Ethernet5 | 42 | | L2 Leaf | DC1-L2LEAF1A | Ethernet2 | DC1-LEAF1B | Ethernet5 | 43 | | L2 Leaf | DC1-L2LEAF2A | Ethernet1 | DC1-LEAF2A | Ethernet5 | 44 | | L2 Leaf | DC1-L2LEAF2A | Ethernet2 | DC1-LEAF2B | Ethernet5 | 45 | 46 | ## Fabric IP Allocation 47 | 48 | ### Fabric Point-To-Point Links 49 | 50 | | P2P Summary | Available Addresses | Assigned addresses | Assigned Address % | 51 | | ----------- | ------------------- | ------------------ | ------------------ | 52 | | 172.31.255.0/24 | 256 | 16 | 6.25 % | 53 | 54 | ### Point-To-Point Links Node Allocation 55 | 56 | | Leaf Node | Leaf Interface | Leaf IP Address | Spine Node | Spine Interface | Spine IP Address | 57 | | --------- | -------------- | --------------- | ---------- | --------------- | ---------------- | 58 | | DC1-LEAF1A | Ethernet1 | 172.31.255.1/31 | DC1-SPINE1 | Ethernet1 | 172.31.255.0/31 | 59 | | DC1-LEAF1A | Ethernet2 | 172.31.255.3/31 | DC1-SPINE2 | Ethernet1 | 172.31.255.2/31 | 60 | | DC1-LEAF1B | Ethernet1 | 172.31.255.5/31 | DC1-SPINE1 | Ethernet2 | 172.31.255.4/31 | 61 | | DC1-LEAF1B | Ethernet2 | 172.31.255.7/31 | DC1-SPINE2 | Ethernet2 | 172.31.255.6/31 | 62 | | DC1-LEAF2A | Ethernet1 | 172.31.255.9/31 | DC1-SPINE1 | Ethernet3 | 172.31.255.8/31 | 63 | | DC1-LEAF2A | Ethernet2 | 172.31.255.11/31 | DC1-SPINE2 | Ethernet3 | 172.31.255.10/31 | 64 | | DC1-LEAF2B | Ethernet1 | 172.31.255.13/31 | DC1-SPINE1 | Ethernet4 | 172.31.255.12/31 | 65 | | DC1-LEAF2B | Ethernet2 | 172.31.255.15/31 | DC1-SPINE2 | Ethernet4 | 172.31.255.14/31 | 66 | 67 | ### Overlay Loopback Interfaces (BGP EVPN Peering) 68 | 69 | | Overlay Loopback Summary | Available Addresses | Assigned addresses | Assigned Address % | 70 | | ------------------------ | ------------------- | ------------------ | ------------------ | 71 | | 192.168.255.0/24 | 256 | 6 | 2.35 % | 72 | 73 | ### Loopback0 Interfaces Node Allocation 74 | 75 | | Node | Loopback0 | 76 | | ---- | --------- | 77 | | DC1-SPINE1 | 192.168.255.1/32 | 78 | | DC1-SPINE2 | 192.168.255.2/32 | 79 | | DC1-LEAF1A | 192.168.255.3/32 | 80 | | DC1-LEAF1B | 192.168.255.4/32 | 81 | | DC1-LEAF2A | 192.168.255.5/32 | 82 | | DC1-LEAF2B | 192.168.255.6/32 | 83 | 84 | ### VTEP Loopback VXLAN Tunnel Source Interfaces (Leafs Only) 85 | 86 | | VTEP Loopback Summary | Available Addresses | Assigned addresses | Assigned Address % | 87 | | --------------------- | ------------------- | ------------------ | ------------------ | 88 | | 192.168.254.0/24 | 256 | 4 | 1.57 % | 89 | 90 | ### VTEP Loopback Node allocation 91 | 92 | | Node | Loopback1 | 93 | | ---- | --------- | 94 | | DC1-LEAF1A | 192.168.254.3/32 | 95 | | DC1-LEAF1B | 192.168.254.3/32 | 96 | | DC1-LEAF2A | 192.168.254.5/32 | 97 | | DC1-LEAF2B | 192.168.254.5/32 | 98 | -------------------------------------------------------------------------------- /inventory/documentation/devices/DC1-L2LEAF1A.md: -------------------------------------------------------------------------------- 1 | # DC1-L2LEAF1A 2 | # Table of Contents 3 | 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [Name Servers](#name-servers) 8 | - [NTP](#ntp) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Local Users](#local-users) 12 | - [Monitoring](#monitoring) 13 | - [TerminAttr Daemon](#terminattr-daemon) 14 | - [Spanning Tree](#spanning-tree) 15 | - [Spanning Tree Summary](#spanning-tree-summary) 16 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 17 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 18 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 19 | - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) 20 | - [VLANs](#vlans) 21 | - [VLANs Summary](#vlans-summary) 22 | - [VLANs Device Configuration](#vlans-device-configuration) 23 | - [Interfaces](#interfaces) 24 | - [Ethernet Interfaces](#ethernet-interfaces) 25 | - [Port-Channel Interfaces](#port-channel-interfaces) 26 | - [Routing](#routing) 27 | - [Service Routing Protocols Model](#service-routing-protocols-model) 28 | - [IP Routing](#ip-routing) 29 | - [IPv6 Routing](#ipv6-routing) 30 | - [Static Routes](#static-routes) 31 | - [Multicast](#multicast) 32 | - [IP IGMP Snooping](#ip-igmp-snooping) 33 | - [Filters](#filters) 34 | - [ACL](#acl) 35 | - [VRF Instances](#vrf-instances) 36 | - [VRF Instances Summary](#vrf-instances-summary) 37 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 38 | - [Quality Of Service](#quality-of-service) 39 | 40 | 41 | # Management 42 | 43 | ## Management Interfaces 44 | 45 | ### Management Interfaces Summary 46 | 47 | #### IPv4 48 | 49 | | Management Interface | description | Type | VRF | IP Address | Gateway | 50 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 51 | | Management1 | oob_management | oob | MGMT | 10.255.0.17/24 | 10.255.0.1 | 52 | 53 | #### IPv6 54 | 55 | | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | 56 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 57 | | Management1 | oob_management | oob | MGMT | - | - | 58 | 59 | ### Management Interfaces Device Configuration 60 | 61 | ```eos 62 | ! 63 | interface Management1 64 | description oob_management 65 | no shutdown 66 | vrf MGMT 67 | ip address 10.255.0.17/24 68 | ``` 69 | 70 | ## Name Servers 71 | 72 | ### Name Servers Summary 73 | 74 | | Name Server | Source VRF | 75 | | ----------- | ---------- | 76 | | 192.168.2.1 | MGMT | 77 | | 8.8.8.8 | MGMT | 78 | 79 | ### Name Servers Device Configuration 80 | 81 | ```eos 82 | ip name-server vrf MGMT 8.8.8.8 83 | ip name-server vrf MGMT 192.168.2.1 84 | ``` 85 | 86 | ## NTP 87 | 88 | ### NTP Summary 89 | 90 | #### NTP Local Interface 91 | 92 | | Interface | VRF | 93 | | --------- | --- | 94 | | Management1 | MGMT | 95 | 96 | #### NTP Servers 97 | 98 | | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | 99 | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | 100 | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | 101 | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | 102 | 103 | ### NTP Device Configuration 104 | 105 | ```eos 106 | ! 107 | ntp local-interface vrf MGMT Management1 108 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 109 | ntp server vrf MGMT 1.fr.pool.ntp.org 110 | ``` 111 | 112 | ## Management API HTTP 113 | 114 | ### Management API HTTP Summary 115 | 116 | | HTTP | HTTPS | 117 | | ---------- | ---------- | 118 | | default | true | 119 | 120 | ### Management API VRF Access 121 | 122 | | VRF Name | IPv4 ACL | IPv6 ACL | 123 | | -------- | -------- | -------- | 124 | | MGMT | - | - | 125 | 126 | 127 | ### Management API HTTP Configuration 128 | 129 | ```eos 130 | ! 131 | management api http-commands 132 | protocol https 133 | no shutdown 134 | ! 135 | vrf MGMT 136 | no shutdown 137 | ``` 138 | 139 | # Authentication 140 | 141 | ## Local Users 142 | 143 | ### Local Users Summary 144 | 145 | | User | Privilege | Role | 146 | | ---- | --------- | ---- | 147 | | admin | 15 | network-admin | 148 | | ansible | 15 | network-admin | 149 | | cvpadmin | 15 | network-admin | 150 | 151 | ### Local Users Device Configuration 152 | 153 | ```eos 154 | ! 155 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 156 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 157 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 158 | ``` 159 | 160 | # Monitoring 161 | 162 | ## TerminAttr Daemon 163 | 164 | ### TerminAttr Daemon Summary 165 | 166 | | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | 167 | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | 168 | | gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | 169 | 170 | ### TerminAttr Daemon Device Configuration 171 | 172 | ```eos 173 | ! 174 | daemon TerminAttr 175 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 176 | no shutdown 177 | ``` 178 | 179 | # Spanning Tree 180 | 181 | ## Spanning Tree Summary 182 | 183 | STP mode: **mstp** 184 | 185 | ### MSTP Instance and Priority 186 | 187 | | Instance(s) | Priority | 188 | | -------- | -------- | 189 | | 0 | 16384 | 190 | 191 | ### Global Spanning-Tree Settings 192 | 193 | 194 | ## Spanning Tree Device Configuration 195 | 196 | ```eos 197 | ! 198 | spanning-tree mode mstp 199 | spanning-tree mst 0 priority 16384 200 | ``` 201 | 202 | # Internal VLAN Allocation Policy 203 | 204 | ## Internal VLAN Allocation Policy Summary 205 | 206 | | Policy Allocation | Range Beginning | Range Ending | 207 | | ------------------| --------------- | ------------ | 208 | | ascending | 1006 | 1199 | 209 | 210 | ## Internal VLAN Allocation Policy Configuration 211 | 212 | ```eos 213 | ! 214 | vlan internal order ascending range 1006 1199 215 | ``` 216 | 217 | # VLANs 218 | 219 | ## VLANs Summary 220 | 221 | | VLAN ID | Name | Trunk Groups | 222 | | ------- | ---- | ------------ | 223 | | 110 | Tenant_A_OP_Zone_1 | - | 224 | | 111 | Tenant_A_OP_Zone_2 | - | 225 | | 112 | Tenant_A_OP_Zone_3 | - | 226 | | 120 | Tenant_A_WEB_Zone_1 | - | 227 | | 121 | Tenant_A_WEBZone_2 | - | 228 | | 130 | Tenant_A_APP_Zone_1 | - | 229 | | 131 | Tenant_A_APP_Zone_2 | - | 230 | 231 | ## VLANs Device Configuration 232 | 233 | ```eos 234 | ! 235 | vlan 110 236 | name Tenant_A_OP_Zone_1 237 | ! 238 | vlan 111 239 | name Tenant_A_OP_Zone_2 240 | ! 241 | vlan 112 242 | name Tenant_A_OP_Zone_3 243 | ! 244 | vlan 120 245 | name Tenant_A_WEB_Zone_1 246 | ! 247 | vlan 121 248 | name Tenant_A_WEBZone_2 249 | ! 250 | vlan 130 251 | name Tenant_A_APP_Zone_1 252 | ! 253 | vlan 131 254 | name Tenant_A_APP_Zone_2 255 | ``` 256 | 257 | # Interfaces 258 | 259 | ## Ethernet Interfaces 260 | 261 | ### Ethernet Interfaces Summary 262 | 263 | #### L2 264 | 265 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 266 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 267 | | Ethernet1 | DC1-LEAF1A_Ethernet5 | *trunk | *110-112,120-121,130-131 | *- | *- | 1 | 268 | | Ethernet2 | DC1-LEAF1B_Ethernet5 | *trunk | *110-112,120-121,130-131 | *- | *- | 1 | 269 | | Ethernet5 | server01_Eth0 | access | 110 | - | - | - | 270 | 271 | *Inherited from Port-Channel Interface 272 | 273 | ### Ethernet Interfaces Device Configuration 274 | 275 | ```eos 276 | ! 277 | interface Ethernet1 278 | description DC1-LEAF1A_Ethernet5 279 | no shutdown 280 | channel-group 1 mode active 281 | ! 282 | interface Ethernet2 283 | description DC1-LEAF1B_Ethernet5 284 | no shutdown 285 | channel-group 1 mode active 286 | ! 287 | interface Ethernet5 288 | description server01_Eth0 289 | no shutdown 290 | switchport 291 | switchport access vlan 110 292 | switchport mode access 293 | ``` 294 | 295 | ## Port-Channel Interfaces 296 | 297 | ### Port-Channel Interfaces Summary 298 | 299 | #### L2 300 | 301 | | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | 302 | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | 303 | | Port-Channel1 | DC1_LEAF1_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | 304 | 305 | ### Port-Channel Interfaces Device Configuration 306 | 307 | ```eos 308 | ! 309 | interface Port-Channel1 310 | description DC1_LEAF1_Po5 311 | no shutdown 312 | switchport 313 | switchport trunk allowed vlan 110-112,120-121,130-131 314 | switchport mode trunk 315 | ``` 316 | 317 | # Routing 318 | ## Service Routing Protocols Model 319 | 320 | Multi agent routing protocol model enabled 321 | 322 | ```eos 323 | ! 324 | service routing protocols model multi-agent 325 | ``` 326 | 327 | ## IP Routing 328 | 329 | ### IP Routing Summary 330 | 331 | | VRF | Routing Enabled | 332 | | --- | --------------- | 333 | | default | true|| MGMT | false | 334 | 335 | ### IP Routing Device Configuration 336 | 337 | ```eos 338 | ! 339 | ip routing 340 | no ip routing vrf MGMT 341 | ``` 342 | ## IPv6 Routing 343 | 344 | ### IPv6 Routing Summary 345 | 346 | | VRF | Routing Enabled | 347 | | --- | --------------- | 348 | | default | false || MGMT | false | 349 | 350 | 351 | ## Static Routes 352 | 353 | ### Static Routes Summary 354 | 355 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 356 | | --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | 357 | | MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | 358 | 359 | ### Static Routes Device Configuration 360 | 361 | ```eos 362 | ! 363 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 364 | ``` 365 | 366 | # Multicast 367 | 368 | ## IP IGMP Snooping 369 | 370 | ### IP IGMP Snooping Summary 371 | 372 | IGMP snooping is globally enabled. 373 | 374 | 375 | ### IP IGMP Snooping Device Configuration 376 | 377 | ```eos 378 | ``` 379 | 380 | # Filters 381 | 382 | # ACL 383 | 384 | # VRF Instances 385 | 386 | ## VRF Instances Summary 387 | 388 | | VRF Name | IP Routing | 389 | | -------- | ---------- | 390 | | MGMT | disabled | 391 | 392 | ## VRF Instances Device Configuration 393 | 394 | ```eos 395 | ! 396 | vrf instance MGMT 397 | ``` 398 | 399 | # Quality Of Service 400 | -------------------------------------------------------------------------------- /inventory/documentation/devices/DC1-L2LEAF2A.md: -------------------------------------------------------------------------------- 1 | # DC1-L2LEAF2A 2 | # Table of Contents 3 | 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [Name Servers](#name-servers) 8 | - [NTP](#ntp) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Local Users](#local-users) 12 | - [Monitoring](#monitoring) 13 | - [TerminAttr Daemon](#terminattr-daemon) 14 | - [Spanning Tree](#spanning-tree) 15 | - [Spanning Tree Summary](#spanning-tree-summary) 16 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 17 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 18 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 19 | - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) 20 | - [VLANs](#vlans) 21 | - [VLANs Summary](#vlans-summary) 22 | - [VLANs Device Configuration](#vlans-device-configuration) 23 | - [Interfaces](#interfaces) 24 | - [Ethernet Interfaces](#ethernet-interfaces) 25 | - [Port-Channel Interfaces](#port-channel-interfaces) 26 | - [Routing](#routing) 27 | - [Service Routing Protocols Model](#service-routing-protocols-model) 28 | - [IP Routing](#ip-routing) 29 | - [IPv6 Routing](#ipv6-routing) 30 | - [Static Routes](#static-routes) 31 | - [Multicast](#multicast) 32 | - [IP IGMP Snooping](#ip-igmp-snooping) 33 | - [Filters](#filters) 34 | - [ACL](#acl) 35 | - [VRF Instances](#vrf-instances) 36 | - [VRF Instances Summary](#vrf-instances-summary) 37 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 38 | - [Quality Of Service](#quality-of-service) 39 | 40 | 41 | # Management 42 | 43 | ## Management Interfaces 44 | 45 | ### Management Interfaces Summary 46 | 47 | #### IPv4 48 | 49 | | Management Interface | description | Type | VRF | IP Address | Gateway | 50 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 51 | | Management1 | oob_management | oob | MGMT | 10.255.0.18/24 | 10.255.0.1 | 52 | 53 | #### IPv6 54 | 55 | | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | 56 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 57 | | Management1 | oob_management | oob | MGMT | - | - | 58 | 59 | ### Management Interfaces Device Configuration 60 | 61 | ```eos 62 | ! 63 | interface Management1 64 | description oob_management 65 | no shutdown 66 | vrf MGMT 67 | ip address 10.255.0.18/24 68 | ``` 69 | 70 | ## Name Servers 71 | 72 | ### Name Servers Summary 73 | 74 | | Name Server | Source VRF | 75 | | ----------- | ---------- | 76 | | 192.168.2.1 | MGMT | 77 | | 8.8.8.8 | MGMT | 78 | 79 | ### Name Servers Device Configuration 80 | 81 | ```eos 82 | ip name-server vrf MGMT 8.8.8.8 83 | ip name-server vrf MGMT 192.168.2.1 84 | ``` 85 | 86 | ## NTP 87 | 88 | ### NTP Summary 89 | 90 | #### NTP Local Interface 91 | 92 | | Interface | VRF | 93 | | --------- | --- | 94 | | Management1 | MGMT | 95 | 96 | #### NTP Servers 97 | 98 | | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | 99 | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | 100 | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | 101 | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | 102 | 103 | ### NTP Device Configuration 104 | 105 | ```eos 106 | ! 107 | ntp local-interface vrf MGMT Management1 108 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 109 | ntp server vrf MGMT 1.fr.pool.ntp.org 110 | ``` 111 | 112 | ## Management API HTTP 113 | 114 | ### Management API HTTP Summary 115 | 116 | | HTTP | HTTPS | 117 | | ---------- | ---------- | 118 | | default | true | 119 | 120 | ### Management API VRF Access 121 | 122 | | VRF Name | IPv4 ACL | IPv6 ACL | 123 | | -------- | -------- | -------- | 124 | | MGMT | - | - | 125 | 126 | 127 | ### Management API HTTP Configuration 128 | 129 | ```eos 130 | ! 131 | management api http-commands 132 | protocol https 133 | no shutdown 134 | ! 135 | vrf MGMT 136 | no shutdown 137 | ``` 138 | 139 | # Authentication 140 | 141 | ## Local Users 142 | 143 | ### Local Users Summary 144 | 145 | | User | Privilege | Role | 146 | | ---- | --------- | ---- | 147 | | admin | 15 | network-admin | 148 | | ansible | 15 | network-admin | 149 | | cvpadmin | 15 | network-admin | 150 | 151 | ### Local Users Device Configuration 152 | 153 | ```eos 154 | ! 155 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 156 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 157 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 158 | ``` 159 | 160 | # Monitoring 161 | 162 | ## TerminAttr Daemon 163 | 164 | ### TerminAttr Daemon Summary 165 | 166 | | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | 167 | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | 168 | | gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | 169 | 170 | ### TerminAttr Daemon Device Configuration 171 | 172 | ```eos 173 | ! 174 | daemon TerminAttr 175 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 176 | no shutdown 177 | ``` 178 | 179 | # Spanning Tree 180 | 181 | ## Spanning Tree Summary 182 | 183 | STP mode: **mstp** 184 | 185 | ### MSTP Instance and Priority 186 | 187 | | Instance(s) | Priority | 188 | | -------- | -------- | 189 | | 0 | 16384 | 190 | 191 | ### Global Spanning-Tree Settings 192 | 193 | 194 | ## Spanning Tree Device Configuration 195 | 196 | ```eos 197 | ! 198 | spanning-tree mode mstp 199 | spanning-tree mst 0 priority 16384 200 | ``` 201 | 202 | # Internal VLAN Allocation Policy 203 | 204 | ## Internal VLAN Allocation Policy Summary 205 | 206 | | Policy Allocation | Range Beginning | Range Ending | 207 | | ------------------| --------------- | ------------ | 208 | | ascending | 1006 | 1199 | 209 | 210 | ## Internal VLAN Allocation Policy Configuration 211 | 212 | ```eos 213 | ! 214 | vlan internal order ascending range 1006 1199 215 | ``` 216 | 217 | # VLANs 218 | 219 | ## VLANs Summary 220 | 221 | | VLAN ID | Name | Trunk Groups | 222 | | ------- | ---- | ------------ | 223 | | 110 | Tenant_A_OP_Zone_1 | - | 224 | | 111 | Tenant_A_OP_Zone_2 | - | 225 | | 112 | Tenant_A_OP_Zone_3 | - | 226 | | 120 | Tenant_A_WEB_Zone_1 | - | 227 | | 121 | Tenant_A_WEBZone_2 | - | 228 | | 130 | Tenant_A_APP_Zone_1 | - | 229 | | 131 | Tenant_A_APP_Zone_2 | - | 230 | 231 | ## VLANs Device Configuration 232 | 233 | ```eos 234 | ! 235 | vlan 110 236 | name Tenant_A_OP_Zone_1 237 | ! 238 | vlan 111 239 | name Tenant_A_OP_Zone_2 240 | ! 241 | vlan 112 242 | name Tenant_A_OP_Zone_3 243 | ! 244 | vlan 120 245 | name Tenant_A_WEB_Zone_1 246 | ! 247 | vlan 121 248 | name Tenant_A_WEBZone_2 249 | ! 250 | vlan 130 251 | name Tenant_A_APP_Zone_1 252 | ! 253 | vlan 131 254 | name Tenant_A_APP_Zone_2 255 | ``` 256 | 257 | # Interfaces 258 | 259 | ## Ethernet Interfaces 260 | 261 | ### Ethernet Interfaces Summary 262 | 263 | #### L2 264 | 265 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 266 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 267 | | Ethernet1 | DC1-LEAF2A_Ethernet5 | *trunk | *110-112,120-121,130-131 | *- | *- | 1 | 268 | | Ethernet2 | DC1-LEAF2B_Ethernet5 | *trunk | *110-112,120-121,130-131 | *- | *- | 1 | 269 | | Ethernet5 | server02_Eth0 | access | 110 | - | - | - | 270 | 271 | *Inherited from Port-Channel Interface 272 | 273 | ### Ethernet Interfaces Device Configuration 274 | 275 | ```eos 276 | ! 277 | interface Ethernet1 278 | description DC1-LEAF2A_Ethernet5 279 | no shutdown 280 | channel-group 1 mode active 281 | ! 282 | interface Ethernet2 283 | description DC1-LEAF2B_Ethernet5 284 | no shutdown 285 | channel-group 1 mode active 286 | ! 287 | interface Ethernet5 288 | description server02_Eth0 289 | no shutdown 290 | switchport 291 | switchport access vlan 110 292 | switchport mode access 293 | ``` 294 | 295 | ## Port-Channel Interfaces 296 | 297 | ### Port-Channel Interfaces Summary 298 | 299 | #### L2 300 | 301 | | Interface | Description | Type | Mode | VLANs | Native VLAN | Trunk Group | LACP Fallback Timeout | LACP Fallback Mode | MLAG ID | EVPN ESI | 302 | | --------- | ----------- | ---- | ---- | ----- | ----------- | ------------| --------------------- | ------------------ | ------- | -------- | 303 | | Port-Channel1 | DC1_LEAF2_Po5 | switched | trunk | 110-112,120-121,130-131 | - | - | - | - | - | - | 304 | 305 | ### Port-Channel Interfaces Device Configuration 306 | 307 | ```eos 308 | ! 309 | interface Port-Channel1 310 | description DC1_LEAF2_Po5 311 | no shutdown 312 | switchport 313 | switchport trunk allowed vlan 110-112,120-121,130-131 314 | switchport mode trunk 315 | ``` 316 | 317 | # Routing 318 | ## Service Routing Protocols Model 319 | 320 | Multi agent routing protocol model enabled 321 | 322 | ```eos 323 | ! 324 | service routing protocols model multi-agent 325 | ``` 326 | 327 | ## IP Routing 328 | 329 | ### IP Routing Summary 330 | 331 | | VRF | Routing Enabled | 332 | | --- | --------------- | 333 | | default | true|| MGMT | false | 334 | 335 | ### IP Routing Device Configuration 336 | 337 | ```eos 338 | ! 339 | ip routing 340 | no ip routing vrf MGMT 341 | ``` 342 | ## IPv6 Routing 343 | 344 | ### IPv6 Routing Summary 345 | 346 | | VRF | Routing Enabled | 347 | | --- | --------------- | 348 | | default | false || MGMT | false | 349 | 350 | 351 | ## Static Routes 352 | 353 | ### Static Routes Summary 354 | 355 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 356 | | --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | 357 | | MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | 358 | 359 | ### Static Routes Device Configuration 360 | 361 | ```eos 362 | ! 363 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 364 | ``` 365 | 366 | # Multicast 367 | 368 | ## IP IGMP Snooping 369 | 370 | ### IP IGMP Snooping Summary 371 | 372 | IGMP snooping is globally enabled. 373 | 374 | 375 | ### IP IGMP Snooping Device Configuration 376 | 377 | ```eos 378 | ``` 379 | 380 | # Filters 381 | 382 | # ACL 383 | 384 | # VRF Instances 385 | 386 | ## VRF Instances Summary 387 | 388 | | VRF Name | IP Routing | 389 | | -------- | ---------- | 390 | | MGMT | disabled | 391 | 392 | ## VRF Instances Device Configuration 393 | 394 | ```eos 395 | ! 396 | vrf instance MGMT 397 | ``` 398 | 399 | # Quality Of Service 400 | -------------------------------------------------------------------------------- /inventory/documentation/devices/DC1-SPINE1.md: -------------------------------------------------------------------------------- 1 | # DC1-SPINE1 2 | # Table of Contents 3 | 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [Name Servers](#name-servers) 8 | - [NTP](#ntp) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Local Users](#local-users) 12 | - [Monitoring](#monitoring) 13 | - [TerminAttr Daemon](#terminattr-daemon) 14 | - [Spanning Tree](#spanning-tree) 15 | - [Spanning Tree Summary](#spanning-tree-summary) 16 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 17 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 18 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 19 | - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) 20 | - [Interfaces](#interfaces) 21 | - [Ethernet Interfaces](#ethernet-interfaces) 22 | - [Loopback Interfaces](#loopback-interfaces) 23 | - [Routing](#routing) 24 | - [Service Routing Protocols Model](#service-routing-protocols-model) 25 | - [IP Routing](#ip-routing) 26 | - [IPv6 Routing](#ipv6-routing) 27 | - [Static Routes](#static-routes) 28 | - [Router BGP](#router-bgp) 29 | - [BFD](#bfd) 30 | - [Router BFD](#router-bfd) 31 | - [Multicast](#multicast) 32 | - [Filters](#filters) 33 | - [Prefix-lists](#prefix-lists) 34 | - [Route-maps](#route-maps) 35 | - [ACL](#acl) 36 | - [VRF Instances](#vrf-instances) 37 | - [VRF Instances Summary](#vrf-instances-summary) 38 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 39 | - [Quality Of Service](#quality-of-service) 40 | 41 | 42 | # Management 43 | 44 | ## Management Interfaces 45 | 46 | ### Management Interfaces Summary 47 | 48 | #### IPv4 49 | 50 | | Management Interface | description | Type | VRF | IP Address | Gateway | 51 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 52 | | Management1 | oob_management | oob | MGMT | 10.255.0.11/24 | 10.255.0.1 | 53 | 54 | #### IPv6 55 | 56 | | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | 57 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 58 | | Management1 | oob_management | oob | MGMT | - | - | 59 | 60 | ### Management Interfaces Device Configuration 61 | 62 | ```eos 63 | ! 64 | interface Management1 65 | description oob_management 66 | no shutdown 67 | vrf MGMT 68 | ip address 10.255.0.11/24 69 | ``` 70 | 71 | ## Name Servers 72 | 73 | ### Name Servers Summary 74 | 75 | | Name Server | Source VRF | 76 | | ----------- | ---------- | 77 | | 192.168.2.1 | MGMT | 78 | | 8.8.8.8 | MGMT | 79 | 80 | ### Name Servers Device Configuration 81 | 82 | ```eos 83 | ip name-server vrf MGMT 8.8.8.8 84 | ip name-server vrf MGMT 192.168.2.1 85 | ``` 86 | 87 | ## NTP 88 | 89 | ### NTP Summary 90 | 91 | #### NTP Local Interface 92 | 93 | | Interface | VRF | 94 | | --------- | --- | 95 | | Management1 | MGMT | 96 | 97 | #### NTP Servers 98 | 99 | | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | 100 | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | 101 | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | 102 | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | 103 | 104 | ### NTP Device Configuration 105 | 106 | ```eos 107 | ! 108 | ntp local-interface vrf MGMT Management1 109 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 110 | ntp server vrf MGMT 1.fr.pool.ntp.org 111 | ``` 112 | 113 | ## Management API HTTP 114 | 115 | ### Management API HTTP Summary 116 | 117 | | HTTP | HTTPS | 118 | | ---------- | ---------- | 119 | | default | true | 120 | 121 | ### Management API VRF Access 122 | 123 | | VRF Name | IPv4 ACL | IPv6 ACL | 124 | | -------- | -------- | -------- | 125 | | MGMT | - | - | 126 | 127 | 128 | ### Management API HTTP Configuration 129 | 130 | ```eos 131 | ! 132 | management api http-commands 133 | protocol https 134 | no shutdown 135 | ! 136 | vrf MGMT 137 | no shutdown 138 | ``` 139 | 140 | # Authentication 141 | 142 | ## Local Users 143 | 144 | ### Local Users Summary 145 | 146 | | User | Privilege | Role | 147 | | ---- | --------- | ---- | 148 | | admin | 15 | network-admin | 149 | | ansible | 15 | network-admin | 150 | | cvpadmin | 15 | network-admin | 151 | 152 | ### Local Users Device Configuration 153 | 154 | ```eos 155 | ! 156 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 157 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 158 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 159 | ``` 160 | 161 | # Monitoring 162 | 163 | ## TerminAttr Daemon 164 | 165 | ### TerminAttr Daemon Summary 166 | 167 | | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | 168 | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | 169 | | gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | 170 | 171 | ### TerminAttr Daemon Device Configuration 172 | 173 | ```eos 174 | ! 175 | daemon TerminAttr 176 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 177 | no shutdown 178 | ``` 179 | 180 | # Spanning Tree 181 | 182 | ## Spanning Tree Summary 183 | 184 | STP mode: **none** 185 | 186 | ### Global Spanning-Tree Settings 187 | 188 | 189 | ## Spanning Tree Device Configuration 190 | 191 | ```eos 192 | ! 193 | spanning-tree mode none 194 | ``` 195 | 196 | # Internal VLAN Allocation Policy 197 | 198 | ## Internal VLAN Allocation Policy Summary 199 | 200 | | Policy Allocation | Range Beginning | Range Ending | 201 | | ------------------| --------------- | ------------ | 202 | | ascending | 1006 | 1199 | 203 | 204 | ## Internal VLAN Allocation Policy Configuration 205 | 206 | ```eos 207 | ! 208 | vlan internal order ascending range 1006 1199 209 | ``` 210 | 211 | # Interfaces 212 | 213 | ## Ethernet Interfaces 214 | 215 | ### Ethernet Interfaces Summary 216 | 217 | #### L2 218 | 219 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 220 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 221 | 222 | *Inherited from Port-Channel Interface 223 | 224 | #### IPv4 225 | 226 | | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 227 | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 228 | | Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet1 | routed | - | 172.31.255.0/31 | default | 1500 | false | - | - | 229 | | Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet1 | routed | - | 172.31.255.4/31 | default | 1500 | false | - | - | 230 | | Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet1 | routed | - | 172.31.255.8/31 | default | 1500 | false | - | - | 231 | | Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet1 | routed | - | 172.31.255.12/31 | default | 1500 | false | - | - | 232 | 233 | ### Ethernet Interfaces Device Configuration 234 | 235 | ```eos 236 | ! 237 | interface Ethernet1 238 | description P2P_LINK_TO_DC1-LEAF1A_Ethernet1 239 | no shutdown 240 | mtu 1500 241 | no switchport 242 | ip address 172.31.255.0/31 243 | ! 244 | interface Ethernet2 245 | description P2P_LINK_TO_DC1-LEAF1B_Ethernet1 246 | no shutdown 247 | mtu 1500 248 | no switchport 249 | ip address 172.31.255.4/31 250 | ! 251 | interface Ethernet3 252 | description P2P_LINK_TO_DC1-LEAF2A_Ethernet1 253 | no shutdown 254 | mtu 1500 255 | no switchport 256 | ip address 172.31.255.8/31 257 | ! 258 | interface Ethernet4 259 | description P2P_LINK_TO_DC1-LEAF2B_Ethernet1 260 | no shutdown 261 | mtu 1500 262 | no switchport 263 | ip address 172.31.255.12/31 264 | ``` 265 | 266 | ## Loopback Interfaces 267 | 268 | ### Loopback Interfaces Summary 269 | 270 | #### IPv4 271 | 272 | | Interface | Description | VRF | IP Address | 273 | | --------- | ----------- | --- | ---------- | 274 | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.1/32 | 275 | 276 | #### IPv6 277 | 278 | | Interface | Description | VRF | IPv6 Address | 279 | | --------- | ----------- | --- | ------------ | 280 | | Loopback0 | EVPN_Overlay_Peering | default | - | 281 | 282 | 283 | ### Loopback Interfaces Device Configuration 284 | 285 | ```eos 286 | ! 287 | interface Loopback0 288 | description EVPN_Overlay_Peering 289 | no shutdown 290 | ip address 192.168.255.1/32 291 | ``` 292 | 293 | # Routing 294 | ## Service Routing Protocols Model 295 | 296 | Multi agent routing protocol model enabled 297 | 298 | ```eos 299 | ! 300 | service routing protocols model multi-agent 301 | ``` 302 | 303 | ## IP Routing 304 | 305 | ### IP Routing Summary 306 | 307 | | VRF | Routing Enabled | 308 | | --- | --------------- | 309 | | default | true|| MGMT | false | 310 | 311 | ### IP Routing Device Configuration 312 | 313 | ```eos 314 | ! 315 | ip routing 316 | no ip routing vrf MGMT 317 | ``` 318 | ## IPv6 Routing 319 | 320 | ### IPv6 Routing Summary 321 | 322 | | VRF | Routing Enabled | 323 | | --- | --------------- | 324 | | default | false || MGMT | false | 325 | 326 | 327 | ## Static Routes 328 | 329 | ### Static Routes Summary 330 | 331 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 332 | | --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | 333 | | MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | 334 | 335 | ### Static Routes Device Configuration 336 | 337 | ```eos 338 | ! 339 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 340 | ``` 341 | 342 | ## Router BGP 343 | 344 | ### Router BGP Summary 345 | 346 | | BGP AS | Router ID | 347 | | ------ | --------- | 348 | | 65001| 192.168.255.1 | 349 | 350 | | BGP Tuning | 351 | | ---------- | 352 | | no bgp default ipv4-unicast | 353 | | distance bgp 20 200 200 | 354 | | graceful-restart restart-time 300 | 355 | | graceful-restart | 356 | | maximum-paths 4 ecmp 4 | 357 | 358 | ### Router BGP Peer Groups 359 | 360 | #### EVPN-OVERLAY-PEERS 361 | 362 | | Settings | Value | 363 | | -------- | ----- | 364 | | Address Family | evpn | 365 | | Next-hop unchanged | True | 366 | | Source | Loopback0 | 367 | | Bfd | true | 368 | | Ebgp multihop | 3 | 369 | | Send community | all | 370 | | Maximum routes | 0 (no limit) | 371 | 372 | #### IPv4-UNDERLAY-PEERS 373 | 374 | | Settings | Value | 375 | | -------- | ----- | 376 | | Address Family | ipv4 | 377 | | Send community | all | 378 | | Maximum routes | 12000 | 379 | 380 | ### BGP Neighbors 381 | 382 | | Neighbor | Remote AS | VRF | 383 | | -------- | --------- | --- | 384 | | 172.31.255.1 | 65101 | default | 385 | | 172.31.255.5 | 65101 | default | 386 | | 172.31.255.9 | 65102 | default | 387 | | 172.31.255.13 | 65102 | default | 388 | | 192.168.255.3 | 65101 | default | 389 | | 192.168.255.4 | 65101 | default | 390 | | 192.168.255.5 | 65102 | default | 391 | | 192.168.255.6 | 65102 | default | 392 | 393 | ### Router BGP EVPN Address Family 394 | 395 | #### Router BGP EVPN MAC-VRFs 396 | 397 | #### Router BGP EVPN VRFs 398 | 399 | ### Router BGP Device Configuration 400 | 401 | ```eos 402 | ! 403 | router bgp 65001 404 | router-id 192.168.255.1 405 | no bgp default ipv4-unicast 406 | distance bgp 20 200 200 407 | graceful-restart restart-time 300 408 | graceful-restart 409 | maximum-paths 4 ecmp 4 410 | neighbor EVPN-OVERLAY-PEERS peer group 411 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 412 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 413 | neighbor EVPN-OVERLAY-PEERS bfd 414 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 415 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 416 | neighbor EVPN-OVERLAY-PEERS send-community 417 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 418 | neighbor IPv4-UNDERLAY-PEERS peer group 419 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 420 | neighbor IPv4-UNDERLAY-PEERS send-community 421 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 422 | neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS 423 | neighbor 172.31.255.1 remote-as 65101 424 | neighbor 172.31.255.1 description DC1-LEAF1A_Ethernet1 425 | neighbor 172.31.255.5 peer group IPv4-UNDERLAY-PEERS 426 | neighbor 172.31.255.5 remote-as 65101 427 | neighbor 172.31.255.5 description DC1-LEAF1B_Ethernet1 428 | neighbor 172.31.255.9 peer group IPv4-UNDERLAY-PEERS 429 | neighbor 172.31.255.9 remote-as 65102 430 | neighbor 172.31.255.9 description DC1-LEAF2A_Ethernet1 431 | neighbor 172.31.255.13 peer group IPv4-UNDERLAY-PEERS 432 | neighbor 172.31.255.13 remote-as 65102 433 | neighbor 172.31.255.13 description DC1-LEAF2B_Ethernet1 434 | neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS 435 | neighbor 192.168.255.3 remote-as 65101 436 | neighbor 192.168.255.3 description DC1-LEAF1A 437 | neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS 438 | neighbor 192.168.255.4 remote-as 65101 439 | neighbor 192.168.255.4 description DC1-LEAF1B 440 | neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS 441 | neighbor 192.168.255.5 remote-as 65102 442 | neighbor 192.168.255.5 description DC1-LEAF2A 443 | neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS 444 | neighbor 192.168.255.6 remote-as 65102 445 | neighbor 192.168.255.6 description DC1-LEAF2B 446 | redistribute connected route-map RM-CONN-2-BGP 447 | ! 448 | address-family evpn 449 | neighbor EVPN-OVERLAY-PEERS activate 450 | ! 451 | address-family ipv4 452 | no neighbor EVPN-OVERLAY-PEERS activate 453 | neighbor IPv4-UNDERLAY-PEERS activate 454 | ``` 455 | 456 | # BFD 457 | 458 | ## Router BFD 459 | 460 | ### Router BFD Multihop Summary 461 | 462 | | Interval | Minimum RX | Multiplier | 463 | | -------- | ---------- | ---------- | 464 | | 1200 | 1200 | 3 | 465 | 466 | ### Router BFD Multihop Device Configuration 467 | 468 | ```eos 469 | ! 470 | router bfd 471 | multihop interval 1200 min-rx 1200 multiplier 3 472 | ``` 473 | 474 | # Multicast 475 | 476 | # Filters 477 | 478 | ## Prefix-lists 479 | 480 | ### Prefix-lists Summary 481 | 482 | #### PL-LOOPBACKS-EVPN-OVERLAY 483 | 484 | | Sequence | Action | 485 | | -------- | ------ | 486 | | 10 | permit 192.168.255.0/24 eq 32 | 487 | 488 | ### Prefix-lists Device Configuration 489 | 490 | ```eos 491 | ! 492 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 493 | seq 10 permit 192.168.255.0/24 eq 32 494 | ``` 495 | 496 | ## Route-maps 497 | 498 | ### Route-maps Summary 499 | 500 | #### RM-CONN-2-BGP 501 | 502 | | Sequence | Type | Match and/or Set | 503 | | -------- | ---- | ---------------- | 504 | | 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | 505 | 506 | ### Route-maps Device Configuration 507 | 508 | ```eos 509 | ! 510 | route-map RM-CONN-2-BGP permit 10 511 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 512 | ``` 513 | 514 | # ACL 515 | 516 | # VRF Instances 517 | 518 | ## VRF Instances Summary 519 | 520 | | VRF Name | IP Routing | 521 | | -------- | ---------- | 522 | | MGMT | disabled | 523 | 524 | ## VRF Instances Device Configuration 525 | 526 | ```eos 527 | ! 528 | vrf instance MGMT 529 | ``` 530 | 531 | # Quality Of Service 532 | -------------------------------------------------------------------------------- /inventory/documentation/devices/DC1-SPINE2.md: -------------------------------------------------------------------------------- 1 | # DC1-SPINE2 2 | # Table of Contents 3 | 4 | 5 | - [Management](#management) 6 | - [Management Interfaces](#management-interfaces) 7 | - [Name Servers](#name-servers) 8 | - [NTP](#ntp) 9 | - [Management API HTTP](#management-api-http) 10 | - [Authentication](#authentication) 11 | - [Local Users](#local-users) 12 | - [Monitoring](#monitoring) 13 | - [TerminAttr Daemon](#terminattr-daemon) 14 | - [Spanning Tree](#spanning-tree) 15 | - [Spanning Tree Summary](#spanning-tree-summary) 16 | - [Spanning Tree Device Configuration](#spanning-tree-device-configuration) 17 | - [Internal VLAN Allocation Policy](#internal-vlan-allocation-policy) 18 | - [Internal VLAN Allocation Policy Summary](#internal-vlan-allocation-policy-summary) 19 | - [Internal VLAN Allocation Policy Configuration](#internal-vlan-allocation-policy-configuration) 20 | - [Interfaces](#interfaces) 21 | - [Ethernet Interfaces](#ethernet-interfaces) 22 | - [Loopback Interfaces](#loopback-interfaces) 23 | - [Routing](#routing) 24 | - [Service Routing Protocols Model](#service-routing-protocols-model) 25 | - [IP Routing](#ip-routing) 26 | - [IPv6 Routing](#ipv6-routing) 27 | - [Static Routes](#static-routes) 28 | - [Router BGP](#router-bgp) 29 | - [BFD](#bfd) 30 | - [Router BFD](#router-bfd) 31 | - [Multicast](#multicast) 32 | - [Filters](#filters) 33 | - [Prefix-lists](#prefix-lists) 34 | - [Route-maps](#route-maps) 35 | - [ACL](#acl) 36 | - [VRF Instances](#vrf-instances) 37 | - [VRF Instances Summary](#vrf-instances-summary) 38 | - [VRF Instances Device Configuration](#vrf-instances-device-configuration) 39 | - [Quality Of Service](#quality-of-service) 40 | 41 | 42 | # Management 43 | 44 | ## Management Interfaces 45 | 46 | ### Management Interfaces Summary 47 | 48 | #### IPv4 49 | 50 | | Management Interface | description | Type | VRF | IP Address | Gateway | 51 | | -------------------- | ----------- | ---- | --- | ---------- | ------- | 52 | | Management1 | oob_management | oob | MGMT | 10.255.0.12/24 | 10.255.0.1 | 53 | 54 | #### IPv6 55 | 56 | | Management Interface | description | Type | VRF | IPv6 Address | IPv6 Gateway | 57 | | -------------------- | ----------- | ---- | --- | ------------ | ------------ | 58 | | Management1 | oob_management | oob | MGMT | - | - | 59 | 60 | ### Management Interfaces Device Configuration 61 | 62 | ```eos 63 | ! 64 | interface Management1 65 | description oob_management 66 | no shutdown 67 | vrf MGMT 68 | ip address 10.255.0.12/24 69 | ``` 70 | 71 | ## Name Servers 72 | 73 | ### Name Servers Summary 74 | 75 | | Name Server | Source VRF | 76 | | ----------- | ---------- | 77 | | 192.168.2.1 | MGMT | 78 | | 8.8.8.8 | MGMT | 79 | 80 | ### Name Servers Device Configuration 81 | 82 | ```eos 83 | ip name-server vrf MGMT 8.8.8.8 84 | ip name-server vrf MGMT 192.168.2.1 85 | ``` 86 | 87 | ## NTP 88 | 89 | ### NTP Summary 90 | 91 | #### NTP Local Interface 92 | 93 | | Interface | VRF | 94 | | --------- | --- | 95 | | Management1 | MGMT | 96 | 97 | #### NTP Servers 98 | 99 | | Server | VRF | Preferred | Burst | iBurst | Version | Min Poll | Max Poll | Local-interface | Key | 100 | | ------ | --- | --------- | ----- | ------ | ------- | -------- | -------- | --------------- | --- | 101 | | 0.fr.pool.ntp.org | MGMT | True | - | - | - | - | - | - | - | 102 | | 1.fr.pool.ntp.org | MGMT | - | - | - | - | - | - | - | - | 103 | 104 | ### NTP Device Configuration 105 | 106 | ```eos 107 | ! 108 | ntp local-interface vrf MGMT Management1 109 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 110 | ntp server vrf MGMT 1.fr.pool.ntp.org 111 | ``` 112 | 113 | ## Management API HTTP 114 | 115 | ### Management API HTTP Summary 116 | 117 | | HTTP | HTTPS | 118 | | ---------- | ---------- | 119 | | default | true | 120 | 121 | ### Management API VRF Access 122 | 123 | | VRF Name | IPv4 ACL | IPv6 ACL | 124 | | -------- | -------- | -------- | 125 | | MGMT | - | - | 126 | 127 | 128 | ### Management API HTTP Configuration 129 | 130 | ```eos 131 | ! 132 | management api http-commands 133 | protocol https 134 | no shutdown 135 | ! 136 | vrf MGMT 137 | no shutdown 138 | ``` 139 | 140 | # Authentication 141 | 142 | ## Local Users 143 | 144 | ### Local Users Summary 145 | 146 | | User | Privilege | Role | 147 | | ---- | --------- | ---- | 148 | | admin | 15 | network-admin | 149 | | ansible | 15 | network-admin | 150 | | cvpadmin | 15 | network-admin | 151 | 152 | ### Local Users Device Configuration 153 | 154 | ```eos 155 | ! 156 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 157 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 158 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 159 | ``` 160 | 161 | # Monitoring 162 | 163 | ## TerminAttr Daemon 164 | 165 | ### TerminAttr Daemon Summary 166 | 167 | | CV Compression | CloudVision Servers | VRF | Authentication | Smash Excludes | Ingest Exclude | Bypass AAA | 168 | | -------------- | ------------------- | --- | -------------- | -------------- | -------------- | ---------- | 169 | | gzip | 10.255.0.1:9910 | MGMT | - | ale,flexCounter,hardware,kni,pulse,strata | /Sysdb/cell/1/agent,/Sysdb/cell/2/agent | False | 170 | 171 | ### TerminAttr Daemon Device Configuration 172 | 173 | ```eos 174 | ! 175 | daemon TerminAttr 176 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 177 | no shutdown 178 | ``` 179 | 180 | # Spanning Tree 181 | 182 | ## Spanning Tree Summary 183 | 184 | STP mode: **none** 185 | 186 | ### Global Spanning-Tree Settings 187 | 188 | 189 | ## Spanning Tree Device Configuration 190 | 191 | ```eos 192 | ! 193 | spanning-tree mode none 194 | ``` 195 | 196 | # Internal VLAN Allocation Policy 197 | 198 | ## Internal VLAN Allocation Policy Summary 199 | 200 | | Policy Allocation | Range Beginning | Range Ending | 201 | | ------------------| --------------- | ------------ | 202 | | ascending | 1006 | 1199 | 203 | 204 | ## Internal VLAN Allocation Policy Configuration 205 | 206 | ```eos 207 | ! 208 | vlan internal order ascending range 1006 1199 209 | ``` 210 | 211 | # Interfaces 212 | 213 | ## Ethernet Interfaces 214 | 215 | ### Ethernet Interfaces Summary 216 | 217 | #### L2 218 | 219 | | Interface | Description | Mode | VLANs | Native VLAN | Trunk Group | Channel-Group | 220 | | --------- | ----------- | ---- | ----- | ----------- | ----------- | ------------- | 221 | 222 | *Inherited from Port-Channel Interface 223 | 224 | #### IPv4 225 | 226 | | Interface | Description | Type | Channel Group | IP Address | VRF | MTU | Shutdown | ACL In | ACL Out | 227 | | --------- | ----------- | -----| ------------- | ---------- | ----| ---- | -------- | ------ | ------- | 228 | | Ethernet1 | P2P_LINK_TO_DC1-LEAF1A_Ethernet2 | routed | - | 172.31.255.2/31 | default | 1500 | false | - | - | 229 | | Ethernet2 | P2P_LINK_TO_DC1-LEAF1B_Ethernet2 | routed | - | 172.31.255.6/31 | default | 1500 | false | - | - | 230 | | Ethernet3 | P2P_LINK_TO_DC1-LEAF2A_Ethernet2 | routed | - | 172.31.255.10/31 | default | 1500 | false | - | - | 231 | | Ethernet4 | P2P_LINK_TO_DC1-LEAF2B_Ethernet2 | routed | - | 172.31.255.14/31 | default | 1500 | false | - | - | 232 | 233 | ### Ethernet Interfaces Device Configuration 234 | 235 | ```eos 236 | ! 237 | interface Ethernet1 238 | description P2P_LINK_TO_DC1-LEAF1A_Ethernet2 239 | no shutdown 240 | mtu 1500 241 | no switchport 242 | ip address 172.31.255.2/31 243 | ! 244 | interface Ethernet2 245 | description P2P_LINK_TO_DC1-LEAF1B_Ethernet2 246 | no shutdown 247 | mtu 1500 248 | no switchport 249 | ip address 172.31.255.6/31 250 | ! 251 | interface Ethernet3 252 | description P2P_LINK_TO_DC1-LEAF2A_Ethernet2 253 | no shutdown 254 | mtu 1500 255 | no switchport 256 | ip address 172.31.255.10/31 257 | ! 258 | interface Ethernet4 259 | description P2P_LINK_TO_DC1-LEAF2B_Ethernet2 260 | no shutdown 261 | mtu 1500 262 | no switchport 263 | ip address 172.31.255.14/31 264 | ``` 265 | 266 | ## Loopback Interfaces 267 | 268 | ### Loopback Interfaces Summary 269 | 270 | #### IPv4 271 | 272 | | Interface | Description | VRF | IP Address | 273 | | --------- | ----------- | --- | ---------- | 274 | | Loopback0 | EVPN_Overlay_Peering | default | 192.168.255.2/32 | 275 | 276 | #### IPv6 277 | 278 | | Interface | Description | VRF | IPv6 Address | 279 | | --------- | ----------- | --- | ------------ | 280 | | Loopback0 | EVPN_Overlay_Peering | default | - | 281 | 282 | 283 | ### Loopback Interfaces Device Configuration 284 | 285 | ```eos 286 | ! 287 | interface Loopback0 288 | description EVPN_Overlay_Peering 289 | no shutdown 290 | ip address 192.168.255.2/32 291 | ``` 292 | 293 | # Routing 294 | ## Service Routing Protocols Model 295 | 296 | Multi agent routing protocol model enabled 297 | 298 | ```eos 299 | ! 300 | service routing protocols model multi-agent 301 | ``` 302 | 303 | ## IP Routing 304 | 305 | ### IP Routing Summary 306 | 307 | | VRF | Routing Enabled | 308 | | --- | --------------- | 309 | | default | true|| MGMT | false | 310 | 311 | ### IP Routing Device Configuration 312 | 313 | ```eos 314 | ! 315 | ip routing 316 | no ip routing vrf MGMT 317 | ``` 318 | ## IPv6 Routing 319 | 320 | ### IPv6 Routing Summary 321 | 322 | | VRF | Routing Enabled | 323 | | --- | --------------- | 324 | | default | false || MGMT | false | 325 | 326 | 327 | ## Static Routes 328 | 329 | ### Static Routes Summary 330 | 331 | | VRF | Destination Prefix | Next Hop IP | Exit interface | Administrative Distance | Tag | Route Name | Metric | 332 | | --- | ------------------ | ----------------------- | ------------------- | ----------------------------- | ----------------- | ----------------------------- | -------------- | 333 | | MGMT | 0.0.0.0/0 | 10.255.0.1 | - | 1 | - | - | - | 334 | 335 | ### Static Routes Device Configuration 336 | 337 | ```eos 338 | ! 339 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 340 | ``` 341 | 342 | ## Router BGP 343 | 344 | ### Router BGP Summary 345 | 346 | | BGP AS | Router ID | 347 | | ------ | --------- | 348 | | 65001| 192.168.255.2 | 349 | 350 | | BGP Tuning | 351 | | ---------- | 352 | | no bgp default ipv4-unicast | 353 | | distance bgp 20 200 200 | 354 | | graceful-restart restart-time 300 | 355 | | graceful-restart | 356 | | maximum-paths 4 ecmp 4 | 357 | 358 | ### Router BGP Peer Groups 359 | 360 | #### EVPN-OVERLAY-PEERS 361 | 362 | | Settings | Value | 363 | | -------- | ----- | 364 | | Address Family | evpn | 365 | | Next-hop unchanged | True | 366 | | Source | Loopback0 | 367 | | Bfd | true | 368 | | Ebgp multihop | 3 | 369 | | Send community | all | 370 | | Maximum routes | 0 (no limit) | 371 | 372 | #### IPv4-UNDERLAY-PEERS 373 | 374 | | Settings | Value | 375 | | -------- | ----- | 376 | | Address Family | ipv4 | 377 | | Send community | all | 378 | | Maximum routes | 12000 | 379 | 380 | ### BGP Neighbors 381 | 382 | | Neighbor | Remote AS | VRF | 383 | | -------- | --------- | --- | 384 | | 172.31.255.3 | 65101 | default | 385 | | 172.31.255.7 | 65101 | default | 386 | | 172.31.255.11 | 65102 | default | 387 | | 172.31.255.15 | 65102 | default | 388 | | 192.168.255.3 | 65101 | default | 389 | | 192.168.255.4 | 65101 | default | 390 | | 192.168.255.5 | 65102 | default | 391 | | 192.168.255.6 | 65102 | default | 392 | 393 | ### Router BGP EVPN Address Family 394 | 395 | #### Router BGP EVPN MAC-VRFs 396 | 397 | #### Router BGP EVPN VRFs 398 | 399 | ### Router BGP Device Configuration 400 | 401 | ```eos 402 | ! 403 | router bgp 65001 404 | router-id 192.168.255.2 405 | no bgp default ipv4-unicast 406 | distance bgp 20 200 200 407 | graceful-restart restart-time 300 408 | graceful-restart 409 | maximum-paths 4 ecmp 4 410 | neighbor EVPN-OVERLAY-PEERS peer group 411 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 412 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 413 | neighbor EVPN-OVERLAY-PEERS bfd 414 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 415 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 416 | neighbor EVPN-OVERLAY-PEERS send-community 417 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 418 | neighbor IPv4-UNDERLAY-PEERS peer group 419 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 420 | neighbor IPv4-UNDERLAY-PEERS send-community 421 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 422 | neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS 423 | neighbor 172.31.255.3 remote-as 65101 424 | neighbor 172.31.255.3 description DC1-LEAF1A_Ethernet2 425 | neighbor 172.31.255.7 peer group IPv4-UNDERLAY-PEERS 426 | neighbor 172.31.255.7 remote-as 65101 427 | neighbor 172.31.255.7 description DC1-LEAF1B_Ethernet2 428 | neighbor 172.31.255.11 peer group IPv4-UNDERLAY-PEERS 429 | neighbor 172.31.255.11 remote-as 65102 430 | neighbor 172.31.255.11 description DC1-LEAF2A_Ethernet2 431 | neighbor 172.31.255.15 peer group IPv4-UNDERLAY-PEERS 432 | neighbor 172.31.255.15 remote-as 65102 433 | neighbor 172.31.255.15 description DC1-LEAF2B_Ethernet2 434 | neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS 435 | neighbor 192.168.255.3 remote-as 65101 436 | neighbor 192.168.255.3 description DC1-LEAF1A 437 | neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS 438 | neighbor 192.168.255.4 remote-as 65101 439 | neighbor 192.168.255.4 description DC1-LEAF1B 440 | neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS 441 | neighbor 192.168.255.5 remote-as 65102 442 | neighbor 192.168.255.5 description DC1-LEAF2A 443 | neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS 444 | neighbor 192.168.255.6 remote-as 65102 445 | neighbor 192.168.255.6 description DC1-LEAF2B 446 | redistribute connected route-map RM-CONN-2-BGP 447 | ! 448 | address-family evpn 449 | neighbor EVPN-OVERLAY-PEERS activate 450 | ! 451 | address-family ipv4 452 | no neighbor EVPN-OVERLAY-PEERS activate 453 | neighbor IPv4-UNDERLAY-PEERS activate 454 | ``` 455 | 456 | # BFD 457 | 458 | ## Router BFD 459 | 460 | ### Router BFD Multihop Summary 461 | 462 | | Interval | Minimum RX | Multiplier | 463 | | -------- | ---------- | ---------- | 464 | | 1200 | 1200 | 3 | 465 | 466 | ### Router BFD Multihop Device Configuration 467 | 468 | ```eos 469 | ! 470 | router bfd 471 | multihop interval 1200 min-rx 1200 multiplier 3 472 | ``` 473 | 474 | # Multicast 475 | 476 | # Filters 477 | 478 | ## Prefix-lists 479 | 480 | ### Prefix-lists Summary 481 | 482 | #### PL-LOOPBACKS-EVPN-OVERLAY 483 | 484 | | Sequence | Action | 485 | | -------- | ------ | 486 | | 10 | permit 192.168.255.0/24 eq 32 | 487 | 488 | ### Prefix-lists Device Configuration 489 | 490 | ```eos 491 | ! 492 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 493 | seq 10 permit 192.168.255.0/24 eq 32 494 | ``` 495 | 496 | ## Route-maps 497 | 498 | ### Route-maps Summary 499 | 500 | #### RM-CONN-2-BGP 501 | 502 | | Sequence | Type | Match and/or Set | 503 | | -------- | ---- | ---------------- | 504 | | 10 | permit | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY | 505 | 506 | ### Route-maps Device Configuration 507 | 508 | ```eos 509 | ! 510 | route-map RM-CONN-2-BGP permit 10 511 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 512 | ``` 513 | 514 | # ACL 515 | 516 | # VRF Instances 517 | 518 | ## VRF Instances Summary 519 | 520 | | VRF Name | IP Routing | 521 | | -------- | ---------- | 522 | | MGMT | disabled | 523 | 524 | ## VRF Instances Device Configuration 525 | 526 | ```eos 527 | ! 528 | vrf instance MGMT 529 | ``` 530 | 531 | # Quality Of Service 532 | -------------------------------------------------------------------------------- /inventory/documentation/fabric/DC1_FABRIC-documentation.md: -------------------------------------------------------------------------------- 1 | # DC1_FABRIC 2 | 3 | # Table of Contents 4 | 5 | 6 | - [Fabric Switches and Management IP](#fabric-switches-and-management-ip) 7 | - [Fabric Switches with inband Management IP](#fabric-switches-with-inband-management-ip) 8 | - [Fabric Topology](#fabric-topology) 9 | - [Fabric IP Allocation](#fabric-ip-allocation) 10 | - [Fabric Point-To-Point Links](#fabric-point-to-point-links) 11 | - [Point-To-Point Links Node Allocation](#point-to-point-links-node-allocation) 12 | - [Loopback Interfaces (BGP EVPN Peering)](#loopback-interfaces-bgp-evpn-peering) 13 | - [Loopback0 Interfaces Node Allocation](#loopback0-interfaces-node-allocation) 14 | - [VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only)](#vtep-loopback-vxlan-tunnel-source-interfaces-vteps-only) 15 | - [VTEP Loopback Node allocation](#vtep-loopback-node-allocation) 16 | 17 | 18 | # Fabric Switches and Management IP 19 | 20 | | POD | Type | Node | Management IP | Platform | Provisioned in CloudVision | 21 | | --- | ---- | ---- | ------------- | -------- | -------------------------- | 22 | | DC1_FABRIC | l2leaf | DC1-L2LEAF1A | 10.255.0.17/24 | vEOS-LAB | Provisioned | 23 | | DC1_FABRIC | l2leaf | DC1-L2LEAF2A | 10.255.0.18/24 | vEOS-LAB | Provisioned | 24 | | DC1_FABRIC | l3leaf | DC1-LEAF1A | 10.255.0.13/24 | vEOS-LAB | Provisioned | 25 | | DC1_FABRIC | l3leaf | DC1-LEAF1B | 10.255.0.14/24 | vEOS-LAB | Provisioned | 26 | | DC1_FABRIC | l3leaf | DC1-LEAF2A | 10.255.0.15/24 | vEOS-LAB | Provisioned | 27 | | DC1_FABRIC | l3leaf | DC1-LEAF2B | 10.255.0.16/24 | vEOS-LAB | Provisioned | 28 | | DC1_FABRIC | spine | DC1-SPINE1 | 10.255.0.11/24 | vEOS-LAB | Provisioned | 29 | | DC1_FABRIC | spine | DC1-SPINE2 | 10.255.0.12/24 | vEOS-LAB | Provisioned | 30 | 31 | > Provision status is based on Ansible inventory declaration and do not represent real status from CloudVision. 32 | 33 | ## Fabric Switches with inband Management IP 34 | | POD | Type | Node | Management IP | Inband Interface | 35 | | --- | ---- | ---- | ------------- | ---------------- | 36 | 37 | # Fabric Topology 38 | 39 | | Type | Node | Node Interface | Peer Type | Peer Node | Peer Interface | 40 | | ---- | ---- | -------------- | --------- | ----------| -------------- | 41 | | l2leaf | DC1-L2LEAF1A | Ethernet1 | l3leaf | DC1-LEAF1A | Ethernet5 | 42 | | l2leaf | DC1-L2LEAF1A | Ethernet2 | l3leaf | DC1-LEAF1B | Ethernet5 | 43 | | l2leaf | DC1-L2LEAF2A | Ethernet1 | l3leaf | DC1-LEAF2A | Ethernet5 | 44 | | l2leaf | DC1-L2LEAF2A | Ethernet2 | l3leaf | DC1-LEAF2B | Ethernet5 | 45 | | l3leaf | DC1-LEAF1A | Ethernet1 | spine | DC1-SPINE1 | Ethernet1 | 46 | | l3leaf | DC1-LEAF1A | Ethernet2 | spine | DC1-SPINE2 | Ethernet1 | 47 | | l3leaf | DC1-LEAF1A | Ethernet3 | mlag_peer | DC1-LEAF1B | Ethernet3 | 48 | | l3leaf | DC1-LEAF1A | Ethernet4 | mlag_peer | DC1-LEAF1B | Ethernet4 | 49 | | l3leaf | DC1-LEAF1B | Ethernet1 | spine | DC1-SPINE1 | Ethernet2 | 50 | | l3leaf | DC1-LEAF1B | Ethernet2 | spine | DC1-SPINE2 | Ethernet2 | 51 | | l3leaf | DC1-LEAF2A | Ethernet1 | spine | DC1-SPINE1 | Ethernet3 | 52 | | l3leaf | DC1-LEAF2A | Ethernet2 | spine | DC1-SPINE2 | Ethernet3 | 53 | | l3leaf | DC1-LEAF2A | Ethernet3 | mlag_peer | DC1-LEAF2B | Ethernet3 | 54 | | l3leaf | DC1-LEAF2A | Ethernet4 | mlag_peer | DC1-LEAF2B | Ethernet4 | 55 | | l3leaf | DC1-LEAF2B | Ethernet1 | spine | DC1-SPINE1 | Ethernet4 | 56 | | l3leaf | DC1-LEAF2B | Ethernet2 | spine | DC1-SPINE2 | Ethernet4 | 57 | 58 | # Fabric IP Allocation 59 | 60 | ## Fabric Point-To-Point Links 61 | 62 | | Uplink IPv4 Pool | Available Addresses | Assigned addresses | Assigned Address % | 63 | | ---------------- | ------------------- | ------------------ | ------------------ | 64 | | 172.31.255.0/24 | 256 | 16 | 6.25 % | 65 | 66 | ## Point-To-Point Links Node Allocation 67 | 68 | | Node | Node Interface | Node IP Address | Peer Node | Peer Interface | Peer IP Address | 69 | | ---- | -------------- | --------------- | --------- | -------------- | --------------- | 70 | | DC1-LEAF1A | Ethernet1 | 172.31.255.1/31 | DC1-SPINE1 | Ethernet1 | 172.31.255.0/31 | 71 | | DC1-LEAF1A | Ethernet2 | 172.31.255.3/31 | DC1-SPINE2 | Ethernet1 | 172.31.255.2/31 | 72 | | DC1-LEAF1B | Ethernet1 | 172.31.255.5/31 | DC1-SPINE1 | Ethernet2 | 172.31.255.4/31 | 73 | | DC1-LEAF1B | Ethernet2 | 172.31.255.7/31 | DC1-SPINE2 | Ethernet2 | 172.31.255.6/31 | 74 | | DC1-LEAF2A | Ethernet1 | 172.31.255.9/31 | DC1-SPINE1 | Ethernet3 | 172.31.255.8/31 | 75 | | DC1-LEAF2A | Ethernet2 | 172.31.255.11/31 | DC1-SPINE2 | Ethernet3 | 172.31.255.10/31 | 76 | | DC1-LEAF2B | Ethernet1 | 172.31.255.13/31 | DC1-SPINE1 | Ethernet4 | 172.31.255.12/31 | 77 | | DC1-LEAF2B | Ethernet2 | 172.31.255.15/31 | DC1-SPINE2 | Ethernet4 | 172.31.255.14/31 | 78 | 79 | ## Loopback Interfaces (BGP EVPN Peering) 80 | 81 | | Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | 82 | | ------------- | ------------------- | ------------------ | ------------------ | 83 | | 192.168.255.0/24 | 256 | 6 | 2.35 % | 84 | 85 | ## Loopback0 Interfaces Node Allocation 86 | 87 | | POD | Node | Loopback0 | 88 | | --- | ---- | --------- | 89 | | DC1_FABRIC | DC1-LEAF1A | 192.168.255.3/32 | 90 | | DC1_FABRIC | DC1-LEAF1B | 192.168.255.4/32 | 91 | | DC1_FABRIC | DC1-LEAF2A | 192.168.255.5/32 | 92 | | DC1_FABRIC | DC1-LEAF2B | 192.168.255.6/32 | 93 | | DC1_FABRIC | DC1-SPINE1 | 192.168.255.1/32 | 94 | | DC1_FABRIC | DC1-SPINE2 | 192.168.255.2/32 | 95 | 96 | ## VTEP Loopback VXLAN Tunnel Source Interfaces (VTEPs Only) 97 | 98 | | VTEP Loopback Pool | Available Addresses | Assigned addresses | Assigned Address % | 99 | | --------------------- | ------------------- | ------------------ | ------------------ | 100 | | 192.168.254.0/24 | 256 | 4 | 1.57 % | 101 | 102 | ## VTEP Loopback Node allocation 103 | 104 | | POD | Node | Loopback1 | 105 | | --- | ---- | --------- | 106 | | DC1_FABRIC | DC1-LEAF1A | 192.168.254.3/32 | 107 | | DC1_FABRIC | DC1-LEAF1B | 192.168.254.3/32 | 108 | | DC1_FABRIC | DC1-LEAF2A | 192.168.254.5/32 | 109 | | DC1_FABRIC | DC1-LEAF2B | 192.168.254.5/32 | 110 | -------------------------------------------------------------------------------- /inventory/documentation/fabric/DC1_FABRIC-p2p-links.csv: -------------------------------------------------------------------------------- 1 | Type, Node,Node Interface,Leaf IP Address,Peer Type,Peer Node,Peer Interface,Peer IP Address 2 | l3leaf,DC1-LEAF1A,Ethernet1,172.31.255.1/31,spine,DC1-SPINE1,Ethernet1,172.31.255.0/31 3 | l3leaf,DC1-LEAF1A,Ethernet2,172.31.255.3/31,spine,DC1-SPINE2,Ethernet1,172.31.255.2/31 4 | l3leaf,DC1-LEAF1B,Ethernet1,172.31.255.5/31,spine,DC1-SPINE1,Ethernet2,172.31.255.4/31 5 | l3leaf,DC1-LEAF1B,Ethernet2,172.31.255.7/31,spine,DC1-SPINE2,Ethernet2,172.31.255.6/31 6 | l3leaf,DC1-LEAF2A,Ethernet1,172.31.255.9/31,spine,DC1-SPINE1,Ethernet3,172.31.255.8/31 7 | l3leaf,DC1-LEAF2A,Ethernet2,172.31.255.11/31,spine,DC1-SPINE2,Ethernet3,172.31.255.10/31 8 | l3leaf,DC1-LEAF2B,Ethernet1,172.31.255.13/31,spine,DC1-SPINE1,Ethernet4,172.31.255.12/31 9 | l3leaf,DC1-LEAF2B,Ethernet2,172.31.255.15/31,spine,DC1-SPINE2,Ethernet4,172.31.255.14/31 10 | -------------------------------------------------------------------------------- /inventory/documentation/fabric/DC1_FABRIC-topology.csv: -------------------------------------------------------------------------------- 1 | Node Type,Node,Node Interface,Peer Type,Peer,Peer Interface 2 | l2leaf,DC1-L2LEAF1A,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet5 3 | l2leaf,DC1-L2LEAF1A,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet5 4 | l2leaf,DC1-L2LEAF1A,Ethernet5,server,server01,Eth0 5 | l2leaf,DC1-L2LEAF2A,Ethernet1,l3leaf,DC1-LEAF2A,Ethernet5 6 | l2leaf,DC1-L2LEAF2A,Ethernet2,l3leaf,DC1-LEAF2B,Ethernet5 7 | l2leaf,DC1-L2LEAF2A,Ethernet5,server,server02,Eth0 8 | l3leaf,DC1-LEAF1A,Ethernet1,spine,DC1-SPINE1,Ethernet1 9 | l3leaf,DC1-LEAF1A,Ethernet2,spine,DC1-SPINE2,Ethernet1 10 | l3leaf,DC1-LEAF1A,Ethernet3,mlag_peer,DC1-LEAF1B,Ethernet3 11 | l3leaf,DC1-LEAF1A,Ethernet4,mlag_peer,DC1-LEAF1B,Ethernet4 12 | l3leaf,DC1-LEAF1A,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet1 13 | l3leaf,DC1-LEAF1B,Ethernet1,spine,DC1-SPINE1,Ethernet2 14 | l3leaf,DC1-LEAF1B,Ethernet2,spine,DC1-SPINE2,Ethernet2 15 | l3leaf,DC1-LEAF1B,Ethernet3,mlag_peer,DC1-LEAF1A,Ethernet3 16 | l3leaf,DC1-LEAF1B,Ethernet4,mlag_peer,DC1-LEAF1A,Ethernet4 17 | l3leaf,DC1-LEAF1B,Ethernet5,l2leaf,DC1-L2LEAF1A,Ethernet2 18 | l3leaf,DC1-LEAF2A,Ethernet1,spine,DC1-SPINE1,Ethernet3 19 | l3leaf,DC1-LEAF2A,Ethernet2,spine,DC1-SPINE2,Ethernet3 20 | l3leaf,DC1-LEAF2A,Ethernet3,mlag_peer,DC1-LEAF2B,Ethernet3 21 | l3leaf,DC1-LEAF2A,Ethernet4,mlag_peer,DC1-LEAF2B,Ethernet4 22 | l3leaf,DC1-LEAF2A,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet1 23 | l3leaf,DC1-LEAF2B,Ethernet1,spine,DC1-SPINE1,Ethernet4 24 | l3leaf,DC1-LEAF2B,Ethernet2,spine,DC1-SPINE2,Ethernet4 25 | l3leaf,DC1-LEAF2B,Ethernet3,mlag_peer,DC1-LEAF2A,Ethernet3 26 | l3leaf,DC1-LEAF2B,Ethernet4,mlag_peer,DC1-LEAF2A,Ethernet4 27 | l3leaf,DC1-LEAF2B,Ethernet5,l2leaf,DC1-L2LEAF2A,Ethernet2 28 | spine,DC1-SPINE1,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet1 29 | spine,DC1-SPINE1,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet1 30 | spine,DC1-SPINE1,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet1 31 | spine,DC1-SPINE1,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet1 32 | spine,DC1-SPINE2,Ethernet1,l3leaf,DC1-LEAF1A,Ethernet2 33 | spine,DC1-SPINE2,Ethernet2,l3leaf,DC1-LEAF1B,Ethernet2 34 | spine,DC1-SPINE2,Ethernet3,l3leaf,DC1-LEAF2A,Ethernet2 35 | spine,DC1-SPINE2,Ethernet4,l3leaf,DC1-LEAF2B,Ethernet2 36 | -------------------------------------------------------------------------------- /inventory/group_vars/CVP.yml: -------------------------------------------------------------------------------- 1 | --- 2 | ztp: 3 | default: 4 | registration: 'http://10.255.0.1/ztp/bootstrap' 5 | gateway: 10.255.0.3 6 | nameservers: 7 | - '10.255.0.3' 8 | general: 9 | subnets: 10 | - network: 10.255.0.0 11 | netmask: 255.255.255.0 12 | gateway: 10.255.0.3 13 | nameservers: 14 | - '10.255.0.3' 15 | start: 10.255.0.200 16 | end: 10.255.0.250 17 | lease_time: 300 18 | clients: 19 | # GNS3 VM Request 20 | - name: gns3 21 | mac: '00:50:56:86:8b:2f' 22 | ip4: 10.255.0.2 23 | # AVD/CVP Integration 24 | - name: DC1-SPINE1 25 | mac: '0c:1d:c0:1d:62:01' 26 | ip4: 10.255.0.11 27 | - name: DC1-SPINE2 28 | mac: '0c:1d:c0:1d:62:02' 29 | ip4: 10.255.0.12 30 | - name: DC1-LEAF1A 31 | mac: '0c:1d:c0:1d:62:11' 32 | ip4: 10.255.0.13 33 | - name: DC1-LEAF1B 34 | mac: '0c:1d:c0:1d:62:12' 35 | ip4: 10.255.0.14 36 | - name: DC1-LEAF2A 37 | mac: '0c:1d:c0:1d:62:21' 38 | ip4: 10.255.0.15 39 | - name: DC1-LEAF2B 40 | mac: '0c:1d:c0:1d:62:22' 41 | ip4: 10.255.0.16 42 | - name: DC1-L2LEAF1A 43 | mac: '0c:1d:c0:1d:62:13' 44 | ip4: 10.255.0.17 45 | - name: DC1-L2LEAF2A 46 | mac: '0c:1d:c0:1d:62:23' 47 | ip4: 10.255.0.18 48 | -------------------------------------------------------------------------------- /inventory/group_vars/DC1.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # Validation lab 3 | # local users 4 | local_users: 5 | admin: 6 | privilege: 15 7 | role: network-admin 8 | sha512_password: "$6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1" 9 | 10 | cvpadmin: 11 | privilege: 15 12 | role: network-admin 13 | sha512_password: "$6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj." 14 | 15 | ansible: 16 | privilege: 15 17 | role: network-admin 18 | sha512_password: "$6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/" 19 | 20 | # Cloud Vision server information 21 | cvp_instance_ip: 10.255.0.1 22 | cvp_ingestauth_key: '' 23 | # cvp_ingestauth_key: telarista 24 | 25 | # OOB Management network default gateway. 26 | mgmt_interface: Management1 27 | mgmt_interface_vrf: MGMT 28 | mgmt_gateway: 10.255.0.1 29 | 30 | # dns servers. 31 | name_servers: 32 | - 192.168.2.1 33 | - 8.8.8.8 34 | 35 | # NTP Servers IP or DNS name, first NTP server will be prefered, and sourced from Managment VRF 36 | custom_structured_configuration_ntp: 37 | local_interface: 38 | name: Management1 39 | vrf: MGMT 40 | servers: 41 | - name: 0.fr.pool.ntp.org 42 | preferred: true 43 | vrf: MGMT 44 | - name: 1.fr.pool.ntp.org 45 | vrf: MGMT -------------------------------------------------------------------------------- /inventory/group_vars/DC1_FABRIC.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # L3LS Fabric Values - update these values with caution, 3 | # SOME CHANGES COULD BE DISRUPTIVE. 4 | 5 | fabric_name: DC1_FABRIC 6 | 7 | # Enable vlan aware bundles 8 | vxlan_vlan_aware_bundles: true 9 | 10 | # bgp peer groups passwords 11 | bgp_peer_groups: 12 | IPv4_UNDERLAY_PEERS: 13 | password: "AQQvKeimxJu+uGQ/yYvv9w==" 14 | EVPN_OVERLAY_PEERS: 15 | password: "q+VNViP5i4rVjW1cxFv2wA==" 16 | MLAG_IPv4_UNDERLAY_PEER: 17 | password: "vnEaG8gMeQf3d3cN6PktXQ==" 18 | 19 | # Spine Switches 20 | spine: 21 | defaults: 22 | platform: vEOS-LAB 23 | bgp_as: 65001 24 | loopback_ipv4_pool: 192.168.255.0/24 25 | bgp_defaults: 26 | - 'no bgp default ipv4-unicast' 27 | - 'distance bgp 20 200 200' 28 | - 'graceful-restart restart-time 300' 29 | - 'graceful-restart' 30 | mlag_peer_ipv4_pool: 10.255.252.0/24 31 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 32 | nodes: 33 | DC1-SPINE1: 34 | id: 1 35 | mgmt_ip: 10.255.0.11/24 36 | DC1-SPINE2: 37 | id: 2 38 | mgmt_ip: 10.255.0.12/24 39 | 40 | # Leaf switch groups 41 | # A maximum of two nodes can form a leaf group 42 | # When two nodes are in a leaf group this will automatically form mlag pair 43 | 44 | l3leaf: 45 | defaults: 46 | platform: vEOS-LAB 47 | loopback_ipv4_pool: 192.168.255.0/24 48 | loopback_ipv4_offset: 2 49 | vtep_loopback_ipv4_pool: 192.168.254.0/24 50 | uplink_interfaces: ['Ethernet1', 'Ethernet2'] 51 | uplink_switches: ['DC1-SPINE1', 'DC1-SPINE2'] 52 | uplink_ipv4_pool: 172.31.255.0/24 53 | mlag_interfaces: [ Ethernet3, Ethernet4 ] 54 | mlag_peer_ipv4_pool: 10.255.252.0/24 55 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 56 | virtual_router_mac_address: 00:1c:73:00:dc:01 57 | bgp_defaults: 58 | - 'no bgp default ipv4-unicast' 59 | - 'distance bgp 20 200 200' 60 | - 'graceful-restart restart-time 300' 61 | - 'graceful-restart' 62 | spanning_tree_mode: mstp 63 | spanning_tree_priority: 16384 64 | node_groups: 65 | DC1_LEAF1: 66 | bgp_as: 65101 67 | nodes: 68 | DC1-LEAF1A: 69 | id: 1 70 | mgmt_ip: 10.255.0.13/24 71 | uplink_switch_interfaces: [Ethernet1, Ethernet1] 72 | DC1-LEAF1B: 73 | id: 2 74 | mgmt_ip: 10.255.0.14/24 75 | uplink_switch_interfaces: [Ethernet2, Ethernet2] 76 | DC1_LEAF2: 77 | bgp_as: 65102 78 | nodes: 79 | DC1-LEAF2A: 80 | id: 3 81 | mgmt_ip: 10.255.0.15/24 82 | uplink_switch_interfaces: [Ethernet3, Ethernet3] 83 | DC1-LEAF2B: 84 | id: 4 85 | mgmt_ip: 10.255.0.16/24 86 | uplink_switch_interfaces: [Ethernet4, Ethernet4] 87 | 88 | 89 | l2leaf: 90 | defaults: 91 | platform: vEOS-LAB 92 | uplink_switches: ['DC1-LEAF1A', 'DC1-LEAF1B'] 93 | uplink_interfaces: [ Ethernet1, Ethernet2 ] 94 | mlag_interfaces: [ Ethernet3, Ethernet4 ] 95 | mlag_peer_ipv4_pool: 10.255.252.0/24 96 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 97 | virtual_router_mac_address: 00:1c:73:00:dc:01 98 | spanning_tree_mode: mstp 99 | spanning_tree_priority: 16384 100 | mlag: false 101 | node_groups: 102 | DC1_L2LEAF1: 103 | uplink_switches: [ DC1-LEAF1A, DC1-LEAF1B ] 104 | filter: 105 | tenants: [ Tenant_A ] 106 | tags: [ opzone, web, app ] 107 | nodes: 108 | DC1-L2LEAF1A: 109 | id: 5 110 | mgmt_ip: 10.255.0.17/24 111 | uplink_switch_interfaces: [ Ethernet5, Ethernet5 ] 112 | DC1_L2LEAF2: 113 | uplink_switches: [ DC1-LEAF2A, DC1-LEAF2B ] 114 | filter: 115 | tenants: [ Tenant_A ] 116 | tags: [ opzone, web, app ] 117 | nodes: 118 | DC1-L2LEAF2A: 119 | id: 7 120 | mgmt_ip: 10.255.0.18/24 121 | uplink_switch_interfaces: [ Ethernet5, Ethernet5 ] 122 | 123 | #### Override for vEOS Lab Caveats #### 124 | 125 | # Disable update wait-for-convergence and update wait-for-install, 126 | # which is not supported in vEOS-LAB. 127 | # Refer to design guide 128 | 129 | # Update p2p mtu 9000 -> 1500 130 | p2p_uplinks_mtu: 1500 131 | 132 | # Adjust default bfd values 133 | bfd_multihop: 134 | interval: 1200 135 | min_rx: 1200 136 | multiplier: 3 137 | 138 | # List of additional CVP configlets to bind to devices and containers 139 | # Configlets MUST be configured on CVP before running AVD playbooks. 140 | 141 | # cv_configlets: 142 | # containers: 143 | # DC1_L3LEAFS: 144 | # - ASE_GLOBAL-ALIASES 145 | -------------------------------------------------------------------------------- /inventory/group_vars/DC1_SERVERS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | port_profiles: 3 | TENANT_A_B: 4 | mode: trunk 5 | vlans: "110-111,210-211" 6 | TENANT_A: 7 | mode: access 8 | vlans: "110" 9 | TENANT_B: 10 | mode: trunk 11 | vlans: "210-211" 12 | 13 | servers: 14 | server01: 15 | rack: RackA 16 | adapters: 17 | - type: nic 18 | server_ports: [Eth0] 19 | switch_ports: [Ethernet5] 20 | switches: [DC1-L2LEAF1A] 21 | profile: TENANT_A 22 | server02: 23 | rack: RackA 24 | adapters: 25 | - type: nic 26 | server_ports: [Eth0] 27 | switch_ports: [Ethernet5] 28 | switches: [DC1-L2LEAF2A] 29 | profile: TENANT_A 30 | -------------------------------------------------------------------------------- /inventory/group_vars/DC1_TENANTS_NETWORKS.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # DC1 Tenants Networks 3 | # Documentation of Tenant specific information - Vlans/VRFs 4 | tenants: 5 | # Tenant A Specific Information - VRFs / VLANs 6 | Tenant_A: 7 | mac_vrf_vni_base: 10000 8 | vrfs: 9 | Tenant_A_OP_Zone: 10 | vrf_vni: 10 11 | vtep_diagnostic: 12 | loopback: 100 13 | loopback_ip_range: 10.255.1.0/24 14 | svis: 15 | 110: 16 | name: Tenant_A_OP_Zone_1 17 | tags: [opzone] 18 | enabled: true 19 | ip_address_virtual: 10.1.10.1/24 20 | 111: 21 | vni_override: 50111 22 | name: Tenant_A_OP_Zone_2 23 | tags: [opzone] 24 | enabled: true 25 | ip_address_virtual: 10.1.11.1/24 26 | 112: 27 | vni_override: 50112 28 | name: Tenant_A_OP_Zone_3 29 | tags: [opzone] 30 | enabled: true 31 | ip_address_virtual: 10.1.12.254/24 32 | Tenant_A_WEB_Zone: 33 | vrf_vni: 11 34 | svis: 35 | 120: 36 | name: Tenant_A_WEB_Zone_1 37 | tags: [web, erp1] 38 | enabled: true 39 | ip_subnet: 10.1.20.0/24 40 | 121: 41 | name: Tenant_A_WEBZone_2 42 | tags: [web] 43 | enabled: true 44 | ip_address_virtual: 10.1.21.1/24 45 | Tenant_A_APP_Zone: 46 | vrf_vni: 12 47 | svis: 48 | 130: 49 | name: Tenant_A_APP_Zone_1 50 | tags: [app, erp1] 51 | enabled: true 52 | ip_subnet: 10.1.30.0/24 53 | 131: 54 | name: Tenant_A_APP_Zone_2 55 | tags: [app] 56 | enabled: true 57 | ip_address_virtual: 10.1.31.254/24 58 | Tenant_A_DB_Zone: 59 | vrf_vni: 13 60 | svis: 61 | 140: 62 | name: Tenant_A_DB_BZone_1 63 | tags: [db, erp1] 64 | enabled: true 65 | ip_address_virtual: 10.1.40.1/24 66 | 141: 67 | name: Tenant_A_DB_Zone_2 68 | tags: [db] 69 | enabled: true 70 | ip_address_virtual: 10.1.41.1/24 71 | Tenant_A_WAN_Zone: 72 | vrf_vni: 14 73 | svis: 74 | 150: 75 | name: Tenant_A_WAN_Zone_1 76 | tags: [wan] 77 | enabled: true 78 | ip_address_virtual: 10.1.40.1/24 79 | l2vlans: 80 | 160: 81 | vni_override: 55160 82 | name: Tenant_A_VMOTION 83 | tags: [vmotion] 84 | 161: 85 | name: Tenant_A_NFS 86 | tags: [nfs] 87 | 88 | # Tenant B Specific Information - VRFs / VLANs 89 | Tenant_B: 90 | mac_vrf_vni_base: 20000 91 | vrfs: 92 | Tenant_B_OP_Zone: 93 | vrf_vni: 20 94 | svis: 95 | 210: 96 | name: Tenant_B_OP_Zone_1 97 | tags: [opzone] 98 | enabled: true 99 | ip_subnet: 10.2.10.0/24 100 | 211: 101 | name: Tenant_B_OP_Zone_2 102 | tags: [opzone] 103 | enabled: true 104 | ip_address_virtual: 10.2.11.1/24 105 | Tenant_B_WAN_Zone: 106 | vrf_vni: 21 107 | svis: 108 | 250: 109 | name: Tenant_B_WAN_Zone_1 110 | tags: [wan] 111 | enabled: true 112 | ip_address_virtual: 10.2.50.1/24 113 | 114 | # Tenant C Specific Information - VRFs / VLANs 115 | Tenant_C: 116 | mac_vrf_vni_base: 30000 117 | vrfs: 118 | Tenant_C_OP_Zone: 119 | vrf_vni: 30 120 | svis: 121 | 310: 122 | name: Tenant_C_OP_Zone_1 123 | tags: [opzone] 124 | enabled: true 125 | ip_subnet: 10.3.10.0/24 126 | 311: 127 | name: Tenant_C_OP_Zone_2 128 | tags: [opzone] 129 | enabled: true 130 | ip_subnet: 10.3.11.1/24 131 | Tenant_C_WAN_Zone: 132 | vrf_vni: 31 133 | svis: 134 | 350: 135 | name: Tenant_C_WAN_Zone_1 136 | tags: [wan] 137 | enabled: true 138 | ip_subnet: 10.3.50.1/24 139 | -------------------------------------------------------------------------------- /inventory/intended/configs/DC1-L2LEAF1A.cfg: -------------------------------------------------------------------------------- 1 | !RANCID-CONTENT-TYPE: arista 2 | ! 3 | daemon TerminAttr 4 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 5 | no shutdown 6 | ! 7 | vlan internal order ascending range 1006 1199 8 | ! 9 | transceiver qsfp default-mode 4x10G 10 | ! 11 | service routing protocols model multi-agent 12 | ! 13 | hostname DC1-L2LEAF1A 14 | ip name-server vrf MGMT 8.8.8.8 15 | ip name-server vrf MGMT 192.168.2.1 16 | ! 17 | ntp local-interface vrf MGMT Management1 18 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 19 | ntp server vrf MGMT 1.fr.pool.ntp.org 20 | ! 21 | spanning-tree mode mstp 22 | spanning-tree mst 0 priority 16384 23 | ! 24 | no aaa root 25 | no enable password 26 | ! 27 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 28 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 29 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 30 | ! 31 | vlan 110 32 | name Tenant_A_OP_Zone_1 33 | ! 34 | vlan 111 35 | name Tenant_A_OP_Zone_2 36 | ! 37 | vlan 112 38 | name Tenant_A_OP_Zone_3 39 | ! 40 | vlan 120 41 | name Tenant_A_WEB_Zone_1 42 | ! 43 | vlan 121 44 | name Tenant_A_WEBZone_2 45 | ! 46 | vlan 130 47 | name Tenant_A_APP_Zone_1 48 | ! 49 | vlan 131 50 | name Tenant_A_APP_Zone_2 51 | ! 52 | vrf instance MGMT 53 | ! 54 | interface Port-Channel1 55 | description DC1_LEAF1_Po5 56 | no shutdown 57 | switchport 58 | switchport trunk allowed vlan 110-112,120-121,130-131 59 | switchport mode trunk 60 | ! 61 | interface Ethernet1 62 | description DC1-LEAF1A_Ethernet5 63 | no shutdown 64 | channel-group 1 mode active 65 | ! 66 | interface Ethernet2 67 | description DC1-LEAF1B_Ethernet5 68 | no shutdown 69 | channel-group 1 mode active 70 | ! 71 | interface Ethernet5 72 | description server01_Eth0 73 | no shutdown 74 | switchport 75 | switchport access vlan 110 76 | switchport mode access 77 | ! 78 | interface Management1 79 | description oob_management 80 | no shutdown 81 | vrf MGMT 82 | ip address 10.255.0.17/24 83 | ! 84 | ip routing 85 | no ip routing vrf MGMT 86 | ! 87 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 88 | ! 89 | management api http-commands 90 | protocol https 91 | no shutdown 92 | ! 93 | vrf MGMT 94 | no shutdown 95 | ! 96 | end 97 | -------------------------------------------------------------------------------- /inventory/intended/configs/DC1-L2LEAF2A.cfg: -------------------------------------------------------------------------------- 1 | !RANCID-CONTENT-TYPE: arista 2 | ! 3 | daemon TerminAttr 4 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 5 | no shutdown 6 | ! 7 | vlan internal order ascending range 1006 1199 8 | ! 9 | transceiver qsfp default-mode 4x10G 10 | ! 11 | service routing protocols model multi-agent 12 | ! 13 | hostname DC1-L2LEAF2A 14 | ip name-server vrf MGMT 8.8.8.8 15 | ip name-server vrf MGMT 192.168.2.1 16 | ! 17 | ntp local-interface vrf MGMT Management1 18 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 19 | ntp server vrf MGMT 1.fr.pool.ntp.org 20 | ! 21 | spanning-tree mode mstp 22 | spanning-tree mst 0 priority 16384 23 | ! 24 | no aaa root 25 | no enable password 26 | ! 27 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 28 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 29 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 30 | ! 31 | vlan 110 32 | name Tenant_A_OP_Zone_1 33 | ! 34 | vlan 111 35 | name Tenant_A_OP_Zone_2 36 | ! 37 | vlan 112 38 | name Tenant_A_OP_Zone_3 39 | ! 40 | vlan 120 41 | name Tenant_A_WEB_Zone_1 42 | ! 43 | vlan 121 44 | name Tenant_A_WEBZone_2 45 | ! 46 | vlan 130 47 | name Tenant_A_APP_Zone_1 48 | ! 49 | vlan 131 50 | name Tenant_A_APP_Zone_2 51 | ! 52 | vrf instance MGMT 53 | ! 54 | interface Port-Channel1 55 | description DC1_LEAF2_Po5 56 | no shutdown 57 | switchport 58 | switchport trunk allowed vlan 110-112,120-121,130-131 59 | switchport mode trunk 60 | ! 61 | interface Ethernet1 62 | description DC1-LEAF2A_Ethernet5 63 | no shutdown 64 | channel-group 1 mode active 65 | ! 66 | interface Ethernet2 67 | description DC1-LEAF2B_Ethernet5 68 | no shutdown 69 | channel-group 1 mode active 70 | ! 71 | interface Ethernet5 72 | description server02_Eth0 73 | no shutdown 74 | switchport 75 | switchport access vlan 110 76 | switchport mode access 77 | ! 78 | interface Management1 79 | description oob_management 80 | no shutdown 81 | vrf MGMT 82 | ip address 10.255.0.18/24 83 | ! 84 | ip routing 85 | no ip routing vrf MGMT 86 | ! 87 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 88 | ! 89 | management api http-commands 90 | protocol https 91 | no shutdown 92 | ! 93 | vrf MGMT 94 | no shutdown 95 | ! 96 | end 97 | -------------------------------------------------------------------------------- /inventory/intended/configs/DC1-LEAF1A.cfg: -------------------------------------------------------------------------------- 1 | !RANCID-CONTENT-TYPE: arista 2 | ! 3 | daemon TerminAttr 4 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 5 | no shutdown 6 | ! 7 | vlan internal order ascending range 1006 1199 8 | ! 9 | transceiver qsfp default-mode 4x10G 10 | ! 11 | service routing protocols model multi-agent 12 | ! 13 | hostname DC1-LEAF1A 14 | ip name-server vrf MGMT 8.8.8.8 15 | ip name-server vrf MGMT 192.168.2.1 16 | ! 17 | ntp local-interface vrf MGMT Management1 18 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 19 | ntp server vrf MGMT 1.fr.pool.ntp.org 20 | ! 21 | spanning-tree mode mstp 22 | no spanning-tree vlan-id 4093-4094 23 | spanning-tree mst 0 priority 16384 24 | ! 25 | no aaa root 26 | no enable password 27 | ! 28 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 29 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 30 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 31 | ! 32 | vlan 110 33 | name Tenant_A_OP_Zone_1 34 | ! 35 | vlan 111 36 | name Tenant_A_OP_Zone_2 37 | ! 38 | vlan 112 39 | name Tenant_A_OP_Zone_3 40 | ! 41 | vlan 120 42 | name Tenant_A_WEB_Zone_1 43 | ! 44 | vlan 121 45 | name Tenant_A_WEBZone_2 46 | ! 47 | vlan 130 48 | name Tenant_A_APP_Zone_1 49 | ! 50 | vlan 131 51 | name Tenant_A_APP_Zone_2 52 | ! 53 | vlan 140 54 | name Tenant_A_DB_BZone_1 55 | ! 56 | vlan 141 57 | name Tenant_A_DB_Zone_2 58 | ! 59 | vlan 150 60 | name Tenant_A_WAN_Zone_1 61 | ! 62 | vlan 160 63 | name Tenant_A_VMOTION 64 | ! 65 | vlan 161 66 | name Tenant_A_NFS 67 | ! 68 | vlan 210 69 | name Tenant_B_OP_Zone_1 70 | ! 71 | vlan 211 72 | name Tenant_B_OP_Zone_2 73 | ! 74 | vlan 250 75 | name Tenant_B_WAN_Zone_1 76 | ! 77 | vlan 310 78 | name Tenant_C_OP_Zone_1 79 | ! 80 | vlan 311 81 | name Tenant_C_OP_Zone_2 82 | ! 83 | vlan 350 84 | name Tenant_C_WAN_Zone_1 85 | ! 86 | vlan 3009 87 | name MLAG_iBGP_Tenant_A_OP_Zone 88 | trunk group LEAF_PEER_L3 89 | ! 90 | vlan 3010 91 | name MLAG_iBGP_Tenant_A_WEB_Zone 92 | trunk group LEAF_PEER_L3 93 | ! 94 | vlan 3011 95 | name MLAG_iBGP_Tenant_A_APP_Zone 96 | trunk group LEAF_PEER_L3 97 | ! 98 | vlan 3012 99 | name MLAG_iBGP_Tenant_A_DB_Zone 100 | trunk group LEAF_PEER_L3 101 | ! 102 | vlan 3013 103 | name MLAG_iBGP_Tenant_A_WAN_Zone 104 | trunk group LEAF_PEER_L3 105 | ! 106 | vlan 3019 107 | name MLAG_iBGP_Tenant_B_OP_Zone 108 | trunk group LEAF_PEER_L3 109 | ! 110 | vlan 3020 111 | name MLAG_iBGP_Tenant_B_WAN_Zone 112 | trunk group LEAF_PEER_L3 113 | ! 114 | vlan 3029 115 | name MLAG_iBGP_Tenant_C_OP_Zone 116 | trunk group LEAF_PEER_L3 117 | ! 118 | vlan 3030 119 | name MLAG_iBGP_Tenant_C_WAN_Zone 120 | trunk group LEAF_PEER_L3 121 | ! 122 | vlan 4093 123 | name LEAF_PEER_L3 124 | trunk group LEAF_PEER_L3 125 | ! 126 | vlan 4094 127 | name MLAG_PEER 128 | trunk group MLAG 129 | ! 130 | vrf instance MGMT 131 | ! 132 | vrf instance Tenant_A_APP_Zone 133 | ! 134 | vrf instance Tenant_A_DB_Zone 135 | ! 136 | vrf instance Tenant_A_OP_Zone 137 | ! 138 | vrf instance Tenant_A_WAN_Zone 139 | ! 140 | vrf instance Tenant_A_WEB_Zone 141 | ! 142 | vrf instance Tenant_B_OP_Zone 143 | ! 144 | vrf instance Tenant_B_WAN_Zone 145 | ! 146 | vrf instance Tenant_C_OP_Zone 147 | ! 148 | vrf instance Tenant_C_WAN_Zone 149 | ! 150 | interface Port-Channel3 151 | description MLAG_PEER_DC1-LEAF1B_Po3 152 | no shutdown 153 | switchport 154 | switchport trunk allowed vlan 2-4094 155 | switchport mode trunk 156 | switchport trunk group LEAF_PEER_L3 157 | switchport trunk group MLAG 158 | ! 159 | interface Port-Channel5 160 | description DC1-L2LEAF1A_Po1 161 | no shutdown 162 | switchport 163 | switchport trunk allowed vlan 110-112,120-121,130-131 164 | switchport mode trunk 165 | mlag 5 166 | ! 167 | interface Ethernet1 168 | description P2P_LINK_TO_DC1-SPINE1_Ethernet1 169 | no shutdown 170 | mtu 1500 171 | no switchport 172 | ip address 172.31.255.1/31 173 | ! 174 | interface Ethernet2 175 | description P2P_LINK_TO_DC1-SPINE2_Ethernet1 176 | no shutdown 177 | mtu 1500 178 | no switchport 179 | ip address 172.31.255.3/31 180 | ! 181 | interface Ethernet3 182 | description MLAG_PEER_DC1-LEAF1B_Ethernet3 183 | no shutdown 184 | channel-group 3 mode active 185 | ! 186 | interface Ethernet4 187 | description MLAG_PEER_DC1-LEAF1B_Ethernet4 188 | no shutdown 189 | channel-group 3 mode active 190 | ! 191 | interface Ethernet5 192 | description DC1-L2LEAF1A_Ethernet1 193 | no shutdown 194 | channel-group 5 mode active 195 | ! 196 | interface Loopback0 197 | description EVPN_Overlay_Peering 198 | no shutdown 199 | ip address 192.168.255.3/32 200 | ! 201 | interface Loopback1 202 | description VTEP_VXLAN_Tunnel_Source 203 | no shutdown 204 | ip address 192.168.254.3/32 205 | ! 206 | interface Loopback100 207 | description Tenant_A_OP_Zone_VTEP_DIAGNOSTICS 208 | no shutdown 209 | vrf Tenant_A_OP_Zone 210 | ip address 10.255.1.3/32 211 | ! 212 | interface Management1 213 | description oob_management 214 | no shutdown 215 | vrf MGMT 216 | ip address 10.255.0.13/24 217 | ! 218 | interface Vlan110 219 | description Tenant_A_OP_Zone_1 220 | no shutdown 221 | vrf Tenant_A_OP_Zone 222 | ip address virtual 10.1.10.1/24 223 | ! 224 | interface Vlan111 225 | description Tenant_A_OP_Zone_2 226 | no shutdown 227 | vrf Tenant_A_OP_Zone 228 | ip address virtual 10.1.11.1/24 229 | ! 230 | interface Vlan112 231 | description Tenant_A_OP_Zone_3 232 | no shutdown 233 | vrf Tenant_A_OP_Zone 234 | ip address virtual 10.1.12.254/24 235 | ! 236 | interface Vlan120 237 | description Tenant_A_WEB_Zone_1 238 | no shutdown 239 | vrf Tenant_A_WEB_Zone 240 | ! 241 | interface Vlan121 242 | description Tenant_A_WEBZone_2 243 | no shutdown 244 | vrf Tenant_A_WEB_Zone 245 | ip address virtual 10.1.21.1/24 246 | ! 247 | interface Vlan130 248 | description Tenant_A_APP_Zone_1 249 | no shutdown 250 | vrf Tenant_A_APP_Zone 251 | ! 252 | interface Vlan131 253 | description Tenant_A_APP_Zone_2 254 | no shutdown 255 | vrf Tenant_A_APP_Zone 256 | ip address virtual 10.1.31.254/24 257 | ! 258 | interface Vlan140 259 | description Tenant_A_DB_BZone_1 260 | no shutdown 261 | vrf Tenant_A_DB_Zone 262 | ip address virtual 10.1.40.1/24 263 | ! 264 | interface Vlan141 265 | description Tenant_A_DB_Zone_2 266 | no shutdown 267 | vrf Tenant_A_DB_Zone 268 | ip address virtual 10.1.41.1/24 269 | ! 270 | interface Vlan150 271 | description Tenant_A_WAN_Zone_1 272 | no shutdown 273 | vrf Tenant_A_WAN_Zone 274 | ip address virtual 10.1.40.1/24 275 | ! 276 | interface Vlan210 277 | description Tenant_B_OP_Zone_1 278 | no shutdown 279 | vrf Tenant_B_OP_Zone 280 | ! 281 | interface Vlan211 282 | description Tenant_B_OP_Zone_2 283 | no shutdown 284 | vrf Tenant_B_OP_Zone 285 | ip address virtual 10.2.11.1/24 286 | ! 287 | interface Vlan250 288 | description Tenant_B_WAN_Zone_1 289 | no shutdown 290 | vrf Tenant_B_WAN_Zone 291 | ip address virtual 10.2.50.1/24 292 | ! 293 | interface Vlan310 294 | description Tenant_C_OP_Zone_1 295 | no shutdown 296 | vrf Tenant_C_OP_Zone 297 | ! 298 | interface Vlan311 299 | description Tenant_C_OP_Zone_2 300 | no shutdown 301 | vrf Tenant_C_OP_Zone 302 | ! 303 | interface Vlan350 304 | description Tenant_C_WAN_Zone_1 305 | no shutdown 306 | vrf Tenant_C_WAN_Zone 307 | ! 308 | interface Vlan3009 309 | description MLAG_PEER_L3_iBGP: vrf Tenant_A_OP_Zone 310 | no shutdown 311 | mtu 1500 312 | vrf Tenant_A_OP_Zone 313 | ip address 10.255.251.0/31 314 | ! 315 | interface Vlan3010 316 | description MLAG_PEER_L3_iBGP: vrf Tenant_A_WEB_Zone 317 | no shutdown 318 | mtu 1500 319 | vrf Tenant_A_WEB_Zone 320 | ip address 10.255.251.0/31 321 | ! 322 | interface Vlan3011 323 | description MLAG_PEER_L3_iBGP: vrf Tenant_A_APP_Zone 324 | no shutdown 325 | mtu 1500 326 | vrf Tenant_A_APP_Zone 327 | ip address 10.255.251.0/31 328 | ! 329 | interface Vlan3012 330 | description MLAG_PEER_L3_iBGP: vrf Tenant_A_DB_Zone 331 | no shutdown 332 | mtu 1500 333 | vrf Tenant_A_DB_Zone 334 | ip address 10.255.251.0/31 335 | ! 336 | interface Vlan3013 337 | description MLAG_PEER_L3_iBGP: vrf Tenant_A_WAN_Zone 338 | no shutdown 339 | mtu 1500 340 | vrf Tenant_A_WAN_Zone 341 | ip address 10.255.251.0/31 342 | ! 343 | interface Vlan3019 344 | description MLAG_PEER_L3_iBGP: vrf Tenant_B_OP_Zone 345 | no shutdown 346 | mtu 1500 347 | vrf Tenant_B_OP_Zone 348 | ip address 10.255.251.0/31 349 | ! 350 | interface Vlan3020 351 | description MLAG_PEER_L3_iBGP: vrf Tenant_B_WAN_Zone 352 | no shutdown 353 | mtu 1500 354 | vrf Tenant_B_WAN_Zone 355 | ip address 10.255.251.0/31 356 | ! 357 | interface Vlan3029 358 | description MLAG_PEER_L3_iBGP: vrf Tenant_C_OP_Zone 359 | no shutdown 360 | mtu 1500 361 | vrf Tenant_C_OP_Zone 362 | ip address 10.255.251.0/31 363 | ! 364 | interface Vlan3030 365 | description MLAG_PEER_L3_iBGP: vrf Tenant_C_WAN_Zone 366 | no shutdown 367 | mtu 1500 368 | vrf Tenant_C_WAN_Zone 369 | ip address 10.255.251.0/31 370 | ! 371 | interface Vlan4093 372 | description MLAG_PEER_L3_PEERING 373 | no shutdown 374 | mtu 1500 375 | ip address 10.255.251.0/31 376 | ! 377 | interface Vlan4094 378 | description MLAG_PEER 379 | no shutdown 380 | mtu 1500 381 | no autostate 382 | ip address 10.255.252.0/31 383 | ! 384 | interface Vxlan1 385 | description DC1-LEAF1A_VTEP 386 | vxlan source-interface Loopback1 387 | vxlan virtual-router encapsulation mac-address mlag-system-id 388 | vxlan udp-port 4789 389 | vxlan vlan 110 vni 10110 390 | vxlan vlan 111 vni 50111 391 | vxlan vlan 112 vni 50112 392 | vxlan vlan 120 vni 10120 393 | vxlan vlan 121 vni 10121 394 | vxlan vlan 130 vni 10130 395 | vxlan vlan 131 vni 10131 396 | vxlan vlan 140 vni 10140 397 | vxlan vlan 141 vni 10141 398 | vxlan vlan 150 vni 10150 399 | vxlan vlan 160 vni 55160 400 | vxlan vlan 161 vni 10161 401 | vxlan vlan 210 vni 20210 402 | vxlan vlan 211 vni 20211 403 | vxlan vlan 250 vni 20250 404 | vxlan vlan 310 vni 30310 405 | vxlan vlan 311 vni 30311 406 | vxlan vlan 350 vni 30350 407 | vxlan vrf Tenant_A_APP_Zone vni 12 408 | vxlan vrf Tenant_A_DB_Zone vni 13 409 | vxlan vrf Tenant_A_OP_Zone vni 10 410 | vxlan vrf Tenant_A_WAN_Zone vni 14 411 | vxlan vrf Tenant_A_WEB_Zone vni 11 412 | vxlan vrf Tenant_B_OP_Zone vni 20 413 | vxlan vrf Tenant_B_WAN_Zone vni 21 414 | vxlan vrf Tenant_C_OP_Zone vni 30 415 | vxlan vrf Tenant_C_WAN_Zone vni 31 416 | ! 417 | ip virtual-router mac-address 00:1c:73:00:dc:01 418 | ! 419 | ip address virtual source-nat vrf Tenant_A_OP_Zone address 10.255.1.3 420 | ! 421 | ip routing 422 | no ip routing vrf MGMT 423 | ip routing vrf Tenant_A_APP_Zone 424 | ip routing vrf Tenant_A_DB_Zone 425 | ip routing vrf Tenant_A_OP_Zone 426 | ip routing vrf Tenant_A_WAN_Zone 427 | ip routing vrf Tenant_A_WEB_Zone 428 | ip routing vrf Tenant_B_OP_Zone 429 | ip routing vrf Tenant_B_WAN_Zone 430 | ip routing vrf Tenant_C_OP_Zone 431 | ip routing vrf Tenant_C_WAN_Zone 432 | ! 433 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 434 | seq 10 permit 192.168.255.0/24 eq 32 435 | seq 20 permit 192.168.254.0/24 eq 32 436 | ! 437 | mlag configuration 438 | domain-id DC1_LEAF1 439 | local-interface Vlan4094 440 | peer-address 10.255.252.1 441 | peer-link Port-Channel3 442 | reload-delay mlag 300 443 | reload-delay non-mlag 330 444 | ! 445 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 446 | ! 447 | route-map RM-CONN-2-BGP permit 10 448 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 449 | ! 450 | route-map RM-MLAG-PEER-IN permit 10 451 | description Make routes learned over MLAG Peer-link less preferred on spines to ensure optimal routing 452 | set origin incomplete 453 | ! 454 | router bfd 455 | multihop interval 1200 min-rx 1200 multiplier 3 456 | ! 457 | router bgp 65101 458 | router-id 192.168.255.3 459 | no bgp default ipv4-unicast 460 | distance bgp 20 200 200 461 | graceful-restart restart-time 300 462 | graceful-restart 463 | maximum-paths 4 ecmp 4 464 | neighbor EVPN-OVERLAY-PEERS peer group 465 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 466 | neighbor EVPN-OVERLAY-PEERS bfd 467 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 468 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 469 | neighbor EVPN-OVERLAY-PEERS send-community 470 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 471 | neighbor IPv4-UNDERLAY-PEERS peer group 472 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 473 | neighbor IPv4-UNDERLAY-PEERS send-community 474 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 475 | neighbor MLAG-IPv4-UNDERLAY-PEER peer group 476 | neighbor MLAG-IPv4-UNDERLAY-PEER remote-as 65101 477 | neighbor MLAG-IPv4-UNDERLAY-PEER next-hop-self 478 | neighbor MLAG-IPv4-UNDERLAY-PEER password 7 vnEaG8gMeQf3d3cN6PktXQ== 479 | neighbor MLAG-IPv4-UNDERLAY-PEER send-community 480 | neighbor MLAG-IPv4-UNDERLAY-PEER maximum-routes 12000 481 | neighbor MLAG-IPv4-UNDERLAY-PEER route-map RM-MLAG-PEER-IN in 482 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 483 | neighbor 10.255.251.1 description DC1-LEAF1B 484 | neighbor 172.31.255.0 peer group IPv4-UNDERLAY-PEERS 485 | neighbor 172.31.255.0 remote-as 65001 486 | neighbor 172.31.255.0 description DC1-SPINE1_Ethernet1 487 | neighbor 172.31.255.2 peer group IPv4-UNDERLAY-PEERS 488 | neighbor 172.31.255.2 remote-as 65001 489 | neighbor 172.31.255.2 description DC1-SPINE2_Ethernet1 490 | neighbor 192.168.255.1 peer group EVPN-OVERLAY-PEERS 491 | neighbor 192.168.255.1 remote-as 65001 492 | neighbor 192.168.255.1 description DC1-SPINE1 493 | neighbor 192.168.255.2 peer group EVPN-OVERLAY-PEERS 494 | neighbor 192.168.255.2 remote-as 65001 495 | neighbor 192.168.255.2 description DC1-SPINE2 496 | redistribute connected route-map RM-CONN-2-BGP 497 | ! 498 | vlan-aware-bundle Tenant_A_APP_Zone 499 | rd 192.168.255.3:12 500 | route-target both 12:12 501 | redistribute learned 502 | vlan 130-131 503 | ! 504 | vlan-aware-bundle Tenant_A_DB_Zone 505 | rd 192.168.255.3:13 506 | route-target both 13:13 507 | redistribute learned 508 | vlan 140-141 509 | ! 510 | vlan-aware-bundle Tenant_A_NFS 511 | rd 192.168.255.3:10161 512 | route-target both 10161:10161 513 | redistribute learned 514 | vlan 161 515 | ! 516 | vlan-aware-bundle Tenant_A_OP_Zone 517 | rd 192.168.255.3:10 518 | route-target both 10:10 519 | redistribute learned 520 | vlan 110-112 521 | ! 522 | vlan-aware-bundle Tenant_A_VMOTION 523 | rd 192.168.255.3:55160 524 | route-target both 55160:55160 525 | redistribute learned 526 | vlan 160 527 | ! 528 | vlan-aware-bundle Tenant_A_WAN_Zone 529 | rd 192.168.255.3:14 530 | route-target both 14:14 531 | redistribute learned 532 | vlan 150 533 | ! 534 | vlan-aware-bundle Tenant_A_WEB_Zone 535 | rd 192.168.255.3:11 536 | route-target both 11:11 537 | redistribute learned 538 | vlan 120-121 539 | ! 540 | vlan-aware-bundle Tenant_B_OP_Zone 541 | rd 192.168.255.3:20 542 | route-target both 20:20 543 | redistribute learned 544 | vlan 210-211 545 | ! 546 | vlan-aware-bundle Tenant_B_WAN_Zone 547 | rd 192.168.255.3:21 548 | route-target both 21:21 549 | redistribute learned 550 | vlan 250 551 | ! 552 | vlan-aware-bundle Tenant_C_OP_Zone 553 | rd 192.168.255.3:30 554 | route-target both 30:30 555 | redistribute learned 556 | vlan 310-311 557 | ! 558 | vlan-aware-bundle Tenant_C_WAN_Zone 559 | rd 192.168.255.3:31 560 | route-target both 31:31 561 | redistribute learned 562 | vlan 350 563 | ! 564 | address-family evpn 565 | neighbor EVPN-OVERLAY-PEERS activate 566 | ! 567 | address-family ipv4 568 | no neighbor EVPN-OVERLAY-PEERS activate 569 | neighbor IPv4-UNDERLAY-PEERS activate 570 | neighbor MLAG-IPv4-UNDERLAY-PEER activate 571 | ! 572 | vrf Tenant_A_APP_Zone 573 | rd 192.168.255.3:12 574 | route-target import evpn 12:12 575 | route-target export evpn 12:12 576 | router-id 192.168.255.3 577 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 578 | redistribute connected 579 | ! 580 | vrf Tenant_A_DB_Zone 581 | rd 192.168.255.3:13 582 | route-target import evpn 13:13 583 | route-target export evpn 13:13 584 | router-id 192.168.255.3 585 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 586 | redistribute connected 587 | ! 588 | vrf Tenant_A_OP_Zone 589 | rd 192.168.255.3:10 590 | route-target import evpn 10:10 591 | route-target export evpn 10:10 592 | router-id 192.168.255.3 593 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 594 | redistribute connected 595 | ! 596 | vrf Tenant_A_WAN_Zone 597 | rd 192.168.255.3:14 598 | route-target import evpn 14:14 599 | route-target export evpn 14:14 600 | router-id 192.168.255.3 601 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 602 | redistribute connected 603 | ! 604 | vrf Tenant_A_WEB_Zone 605 | rd 192.168.255.3:11 606 | route-target import evpn 11:11 607 | route-target export evpn 11:11 608 | router-id 192.168.255.3 609 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 610 | redistribute connected 611 | ! 612 | vrf Tenant_B_OP_Zone 613 | rd 192.168.255.3:20 614 | route-target import evpn 20:20 615 | route-target export evpn 20:20 616 | router-id 192.168.255.3 617 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 618 | redistribute connected 619 | ! 620 | vrf Tenant_B_WAN_Zone 621 | rd 192.168.255.3:21 622 | route-target import evpn 21:21 623 | route-target export evpn 21:21 624 | router-id 192.168.255.3 625 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 626 | redistribute connected 627 | ! 628 | vrf Tenant_C_OP_Zone 629 | rd 192.168.255.3:30 630 | route-target import evpn 30:30 631 | route-target export evpn 30:30 632 | router-id 192.168.255.3 633 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 634 | redistribute connected 635 | ! 636 | vrf Tenant_C_WAN_Zone 637 | rd 192.168.255.3:31 638 | route-target import evpn 31:31 639 | route-target export evpn 31:31 640 | router-id 192.168.255.3 641 | neighbor 10.255.251.1 peer group MLAG-IPv4-UNDERLAY-PEER 642 | redistribute connected 643 | ! 644 | management api http-commands 645 | protocol https 646 | no shutdown 647 | ! 648 | vrf MGMT 649 | no shutdown 650 | ! 651 | end 652 | -------------------------------------------------------------------------------- /inventory/intended/configs/DC1-SPINE1.cfg: -------------------------------------------------------------------------------- 1 | !RANCID-CONTENT-TYPE: arista 2 | ! 3 | daemon TerminAttr 4 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 5 | no shutdown 6 | ! 7 | vlan internal order ascending range 1006 1199 8 | ! 9 | transceiver qsfp default-mode 4x10G 10 | ! 11 | service routing protocols model multi-agent 12 | ! 13 | hostname DC1-SPINE1 14 | ip name-server vrf MGMT 8.8.8.8 15 | ip name-server vrf MGMT 192.168.2.1 16 | ! 17 | ntp local-interface vrf MGMT Management1 18 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 19 | ntp server vrf MGMT 1.fr.pool.ntp.org 20 | ! 21 | spanning-tree mode none 22 | ! 23 | no aaa root 24 | no enable password 25 | ! 26 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 27 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 28 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 29 | ! 30 | vrf instance MGMT 31 | ! 32 | interface Ethernet1 33 | description P2P_LINK_TO_DC1-LEAF1A_Ethernet1 34 | no shutdown 35 | mtu 1500 36 | no switchport 37 | ip address 172.31.255.0/31 38 | ! 39 | interface Ethernet2 40 | description P2P_LINK_TO_DC1-LEAF1B_Ethernet1 41 | no shutdown 42 | mtu 1500 43 | no switchport 44 | ip address 172.31.255.4/31 45 | ! 46 | interface Ethernet3 47 | description P2P_LINK_TO_DC1-LEAF2A_Ethernet1 48 | no shutdown 49 | mtu 1500 50 | no switchport 51 | ip address 172.31.255.8/31 52 | ! 53 | interface Ethernet4 54 | description P2P_LINK_TO_DC1-LEAF2B_Ethernet1 55 | no shutdown 56 | mtu 1500 57 | no switchport 58 | ip address 172.31.255.12/31 59 | ! 60 | interface Loopback0 61 | description EVPN_Overlay_Peering 62 | no shutdown 63 | ip address 192.168.255.1/32 64 | ! 65 | interface Management1 66 | description oob_management 67 | no shutdown 68 | vrf MGMT 69 | ip address 10.255.0.11/24 70 | ! 71 | ip routing 72 | no ip routing vrf MGMT 73 | ! 74 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 75 | seq 10 permit 192.168.255.0/24 eq 32 76 | ! 77 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 78 | ! 79 | route-map RM-CONN-2-BGP permit 10 80 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 81 | ! 82 | router bfd 83 | multihop interval 1200 min-rx 1200 multiplier 3 84 | ! 85 | router bgp 65001 86 | router-id 192.168.255.1 87 | no bgp default ipv4-unicast 88 | distance bgp 20 200 200 89 | graceful-restart restart-time 300 90 | graceful-restart 91 | maximum-paths 4 ecmp 4 92 | neighbor EVPN-OVERLAY-PEERS peer group 93 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 94 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 95 | neighbor EVPN-OVERLAY-PEERS bfd 96 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 97 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 98 | neighbor EVPN-OVERLAY-PEERS send-community 99 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 100 | neighbor IPv4-UNDERLAY-PEERS peer group 101 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 102 | neighbor IPv4-UNDERLAY-PEERS send-community 103 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 104 | neighbor 172.31.255.1 peer group IPv4-UNDERLAY-PEERS 105 | neighbor 172.31.255.1 remote-as 65101 106 | neighbor 172.31.255.1 description DC1-LEAF1A_Ethernet1 107 | neighbor 172.31.255.5 peer group IPv4-UNDERLAY-PEERS 108 | neighbor 172.31.255.5 remote-as 65101 109 | neighbor 172.31.255.5 description DC1-LEAF1B_Ethernet1 110 | neighbor 172.31.255.9 peer group IPv4-UNDERLAY-PEERS 111 | neighbor 172.31.255.9 remote-as 65102 112 | neighbor 172.31.255.9 description DC1-LEAF2A_Ethernet1 113 | neighbor 172.31.255.13 peer group IPv4-UNDERLAY-PEERS 114 | neighbor 172.31.255.13 remote-as 65102 115 | neighbor 172.31.255.13 description DC1-LEAF2B_Ethernet1 116 | neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS 117 | neighbor 192.168.255.3 remote-as 65101 118 | neighbor 192.168.255.3 description DC1-LEAF1A 119 | neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS 120 | neighbor 192.168.255.4 remote-as 65101 121 | neighbor 192.168.255.4 description DC1-LEAF1B 122 | neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS 123 | neighbor 192.168.255.5 remote-as 65102 124 | neighbor 192.168.255.5 description DC1-LEAF2A 125 | neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS 126 | neighbor 192.168.255.6 remote-as 65102 127 | neighbor 192.168.255.6 description DC1-LEAF2B 128 | redistribute connected route-map RM-CONN-2-BGP 129 | ! 130 | address-family evpn 131 | neighbor EVPN-OVERLAY-PEERS activate 132 | ! 133 | address-family ipv4 134 | no neighbor EVPN-OVERLAY-PEERS activate 135 | neighbor IPv4-UNDERLAY-PEERS activate 136 | ! 137 | management api http-commands 138 | protocol https 139 | no shutdown 140 | ! 141 | vrf MGMT 142 | no shutdown 143 | ! 144 | end 145 | -------------------------------------------------------------------------------- /inventory/intended/configs/DC1-SPINE2.cfg: -------------------------------------------------------------------------------- 1 | !RANCID-CONTENT-TYPE: arista 2 | ! 3 | daemon TerminAttr 4 | exec /usr/bin/TerminAttr -cvaddr=10.255.0.1:9910 -cvvrf=MGMT -smashexcludes=ale,flexCounter,hardware,kni,pulse,strata -ingestexclude=/Sysdb/cell/1/agent,/Sysdb/cell/2/agent -taillogs 5 | no shutdown 6 | ! 7 | vlan internal order ascending range 1006 1199 8 | ! 9 | transceiver qsfp default-mode 4x10G 10 | ! 11 | service routing protocols model multi-agent 12 | ! 13 | hostname DC1-SPINE2 14 | ip name-server vrf MGMT 8.8.8.8 15 | ip name-server vrf MGMT 192.168.2.1 16 | ! 17 | ntp local-interface vrf MGMT Management1 18 | ntp server vrf MGMT 0.fr.pool.ntp.org prefer 19 | ntp server vrf MGMT 1.fr.pool.ntp.org 20 | ! 21 | spanning-tree mode none 22 | ! 23 | no aaa root 24 | no enable password 25 | ! 26 | username admin privilege 15 role network-admin secret sha512 $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 27 | username ansible privilege 15 role network-admin secret sha512 $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 28 | username cvpadmin privilege 15 role network-admin secret sha512 $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 29 | ! 30 | vrf instance MGMT 31 | ! 32 | interface Ethernet1 33 | description P2P_LINK_TO_DC1-LEAF1A_Ethernet2 34 | no shutdown 35 | mtu 1500 36 | no switchport 37 | ip address 172.31.255.2/31 38 | ! 39 | interface Ethernet2 40 | description P2P_LINK_TO_DC1-LEAF1B_Ethernet2 41 | no shutdown 42 | mtu 1500 43 | no switchport 44 | ip address 172.31.255.6/31 45 | ! 46 | interface Ethernet3 47 | description P2P_LINK_TO_DC1-LEAF2A_Ethernet2 48 | no shutdown 49 | mtu 1500 50 | no switchport 51 | ip address 172.31.255.10/31 52 | ! 53 | interface Ethernet4 54 | description P2P_LINK_TO_DC1-LEAF2B_Ethernet2 55 | no shutdown 56 | mtu 1500 57 | no switchport 58 | ip address 172.31.255.14/31 59 | ! 60 | interface Loopback0 61 | description EVPN_Overlay_Peering 62 | no shutdown 63 | ip address 192.168.255.2/32 64 | ! 65 | interface Management1 66 | description oob_management 67 | no shutdown 68 | vrf MGMT 69 | ip address 10.255.0.12/24 70 | ! 71 | ip routing 72 | no ip routing vrf MGMT 73 | ! 74 | ip prefix-list PL-LOOPBACKS-EVPN-OVERLAY 75 | seq 10 permit 192.168.255.0/24 eq 32 76 | ! 77 | ip route vrf MGMT 0.0.0.0/0 10.255.0.1 78 | ! 79 | route-map RM-CONN-2-BGP permit 10 80 | match ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 81 | ! 82 | router bfd 83 | multihop interval 1200 min-rx 1200 multiplier 3 84 | ! 85 | router bgp 65001 86 | router-id 192.168.255.2 87 | no bgp default ipv4-unicast 88 | distance bgp 20 200 200 89 | graceful-restart restart-time 300 90 | graceful-restart 91 | maximum-paths 4 ecmp 4 92 | neighbor EVPN-OVERLAY-PEERS peer group 93 | neighbor EVPN-OVERLAY-PEERS next-hop-unchanged 94 | neighbor EVPN-OVERLAY-PEERS update-source Loopback0 95 | neighbor EVPN-OVERLAY-PEERS bfd 96 | neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3 97 | neighbor EVPN-OVERLAY-PEERS password 7 q+VNViP5i4rVjW1cxFv2wA== 98 | neighbor EVPN-OVERLAY-PEERS send-community 99 | neighbor EVPN-OVERLAY-PEERS maximum-routes 0 100 | neighbor IPv4-UNDERLAY-PEERS peer group 101 | neighbor IPv4-UNDERLAY-PEERS password 7 AQQvKeimxJu+uGQ/yYvv9w== 102 | neighbor IPv4-UNDERLAY-PEERS send-community 103 | neighbor IPv4-UNDERLAY-PEERS maximum-routes 12000 104 | neighbor 172.31.255.3 peer group IPv4-UNDERLAY-PEERS 105 | neighbor 172.31.255.3 remote-as 65101 106 | neighbor 172.31.255.3 description DC1-LEAF1A_Ethernet2 107 | neighbor 172.31.255.7 peer group IPv4-UNDERLAY-PEERS 108 | neighbor 172.31.255.7 remote-as 65101 109 | neighbor 172.31.255.7 description DC1-LEAF1B_Ethernet2 110 | neighbor 172.31.255.11 peer group IPv4-UNDERLAY-PEERS 111 | neighbor 172.31.255.11 remote-as 65102 112 | neighbor 172.31.255.11 description DC1-LEAF2A_Ethernet2 113 | neighbor 172.31.255.15 peer group IPv4-UNDERLAY-PEERS 114 | neighbor 172.31.255.15 remote-as 65102 115 | neighbor 172.31.255.15 description DC1-LEAF2B_Ethernet2 116 | neighbor 192.168.255.3 peer group EVPN-OVERLAY-PEERS 117 | neighbor 192.168.255.3 remote-as 65101 118 | neighbor 192.168.255.3 description DC1-LEAF1A 119 | neighbor 192.168.255.4 peer group EVPN-OVERLAY-PEERS 120 | neighbor 192.168.255.4 remote-as 65101 121 | neighbor 192.168.255.4 description DC1-LEAF1B 122 | neighbor 192.168.255.5 peer group EVPN-OVERLAY-PEERS 123 | neighbor 192.168.255.5 remote-as 65102 124 | neighbor 192.168.255.5 description DC1-LEAF2A 125 | neighbor 192.168.255.6 peer group EVPN-OVERLAY-PEERS 126 | neighbor 192.168.255.6 remote-as 65102 127 | neighbor 192.168.255.6 description DC1-LEAF2B 128 | redistribute connected route-map RM-CONN-2-BGP 129 | ! 130 | address-family evpn 131 | neighbor EVPN-OVERLAY-PEERS activate 132 | ! 133 | address-family ipv4 134 | no neighbor EVPN-OVERLAY-PEERS activate 135 | neighbor IPv4-UNDERLAY-PEERS activate 136 | ! 137 | management api http-commands 138 | protocol https 139 | no shutdown 140 | ! 141 | vrf MGMT 142 | no shutdown 143 | ! 144 | end 145 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-L2LEAF1A.yml: -------------------------------------------------------------------------------- 1 | static_routes: 2 | - vrf: MGMT 3 | destination_address_prefix: 0.0.0.0/0 4 | gateway: 10.255.0.1 5 | service_routing_protocols_model: multi-agent 6 | ip_routing: true 7 | daemon_terminattr: 8 | cvaddrs: 9 | - 10.255.0.1:9910 10 | cvauth: 11 | method: key 12 | cvvrf: MGMT 13 | smashexcludes: ale,flexCounter,hardware,kni,pulse,strata 14 | ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent 15 | disable_aaa: false 16 | vlan_internal_order: 17 | allocation: ascending 18 | range: 19 | beginning: 1006 20 | ending: 1199 21 | name_server: 22 | source: 23 | vrf: MGMT 24 | nodes: 25 | - 192.168.2.1 26 | - 8.8.8.8 27 | spanning_tree: 28 | mode: mstp 29 | mst_instances: 30 | '0': 31 | priority: 16384 32 | local_users: 33 | admin: 34 | privilege: 15 35 | role: network-admin 36 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 37 | ansible: 38 | privilege: 15 39 | role: network-admin 40 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 41 | cvpadmin: 42 | privilege: 15 43 | role: network-admin 44 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 45 | vrfs: 46 | MGMT: 47 | ip_routing: false 48 | management_interfaces: 49 | Management1: 50 | description: oob_management 51 | shutdown: false 52 | vrf: MGMT 53 | ip_address: 10.255.0.17/24 54 | gateway: 10.255.0.1 55 | type: oob 56 | management_api_http: 57 | enable_vrfs: 58 | MGMT: {} 59 | enable_https: true 60 | ethernet_interfaces: 61 | Ethernet1: 62 | peer: DC1-LEAF1A 63 | peer_interface: Ethernet5 64 | peer_type: l3leaf 65 | description: DC1-LEAF1A_Ethernet5 66 | type: switched 67 | shutdown: false 68 | channel_group: 69 | id: 1 70 | mode: active 71 | Ethernet2: 72 | peer: DC1-LEAF1B 73 | peer_interface: Ethernet5 74 | peer_type: l3leaf 75 | description: DC1-LEAF1B_Ethernet5 76 | type: switched 77 | shutdown: false 78 | channel_group: 79 | id: 1 80 | mode: active 81 | Ethernet5: 82 | peer: server01 83 | peer_interface: Eth0 84 | peer_type: server 85 | description: server01_Eth0 86 | type: switched 87 | shutdown: false 88 | mode: access 89 | vlans: 110 90 | port_channel_interfaces: 91 | Port-Channel1: 92 | description: DC1_LEAF1_Po5 93 | type: switched 94 | shutdown: false 95 | vlans: 110-112,120-121,130-131 96 | mode: trunk 97 | vlans: 98 | 130: 99 | tenant: Tenant_A 100 | name: Tenant_A_APP_Zone_1 101 | 131: 102 | tenant: Tenant_A 103 | name: Tenant_A_APP_Zone_2 104 | 110: 105 | tenant: Tenant_A 106 | name: Tenant_A_OP_Zone_1 107 | 111: 108 | tenant: Tenant_A 109 | name: Tenant_A_OP_Zone_2 110 | 112: 111 | tenant: Tenant_A 112 | name: Tenant_A_OP_Zone_3 113 | 120: 114 | tenant: Tenant_A 115 | name: Tenant_A_WEB_Zone_1 116 | 121: 117 | tenant: Tenant_A 118 | name: Tenant_A_WEBZone_2 119 | ip_igmp_snooping: 120 | globally_enabled: true 121 | ntp: 122 | local_interface: 123 | name: Management1 124 | vrf: MGMT 125 | servers: 126 | - name: 0.fr.pool.ntp.org 127 | preferred: true 128 | vrf: MGMT 129 | - name: 1.fr.pool.ntp.org 130 | vrf: MGMT 131 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-L2LEAF2A.yml: -------------------------------------------------------------------------------- 1 | static_routes: 2 | - vrf: MGMT 3 | destination_address_prefix: 0.0.0.0/0 4 | gateway: 10.255.0.1 5 | service_routing_protocols_model: multi-agent 6 | ip_routing: true 7 | daemon_terminattr: 8 | cvaddrs: 9 | - 10.255.0.1:9910 10 | cvauth: 11 | method: key 12 | cvvrf: MGMT 13 | smashexcludes: ale,flexCounter,hardware,kni,pulse,strata 14 | ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent 15 | disable_aaa: false 16 | vlan_internal_order: 17 | allocation: ascending 18 | range: 19 | beginning: 1006 20 | ending: 1199 21 | name_server: 22 | source: 23 | vrf: MGMT 24 | nodes: 25 | - 192.168.2.1 26 | - 8.8.8.8 27 | spanning_tree: 28 | mode: mstp 29 | mst_instances: 30 | '0': 31 | priority: 16384 32 | local_users: 33 | admin: 34 | privilege: 15 35 | role: network-admin 36 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 37 | ansible: 38 | privilege: 15 39 | role: network-admin 40 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 41 | cvpadmin: 42 | privilege: 15 43 | role: network-admin 44 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 45 | vrfs: 46 | MGMT: 47 | ip_routing: false 48 | management_interfaces: 49 | Management1: 50 | description: oob_management 51 | shutdown: false 52 | vrf: MGMT 53 | ip_address: 10.255.0.18/24 54 | gateway: 10.255.0.1 55 | type: oob 56 | management_api_http: 57 | enable_vrfs: 58 | MGMT: {} 59 | enable_https: true 60 | ethernet_interfaces: 61 | Ethernet1: 62 | peer: DC1-LEAF2A 63 | peer_interface: Ethernet5 64 | peer_type: l3leaf 65 | description: DC1-LEAF2A_Ethernet5 66 | type: switched 67 | shutdown: false 68 | channel_group: 69 | id: 1 70 | mode: active 71 | Ethernet2: 72 | peer: DC1-LEAF2B 73 | peer_interface: Ethernet5 74 | peer_type: l3leaf 75 | description: DC1-LEAF2B_Ethernet5 76 | type: switched 77 | shutdown: false 78 | channel_group: 79 | id: 1 80 | mode: active 81 | Ethernet5: 82 | peer: server02 83 | peer_interface: Eth0 84 | peer_type: server 85 | description: server02_Eth0 86 | type: switched 87 | shutdown: false 88 | mode: access 89 | vlans: 110 90 | port_channel_interfaces: 91 | Port-Channel1: 92 | description: DC1_LEAF2_Po5 93 | type: switched 94 | shutdown: false 95 | vlans: 110-112,120-121,130-131 96 | mode: trunk 97 | vlans: 98 | 130: 99 | tenant: Tenant_A 100 | name: Tenant_A_APP_Zone_1 101 | 131: 102 | tenant: Tenant_A 103 | name: Tenant_A_APP_Zone_2 104 | 110: 105 | tenant: Tenant_A 106 | name: Tenant_A_OP_Zone_1 107 | 111: 108 | tenant: Tenant_A 109 | name: Tenant_A_OP_Zone_2 110 | 112: 111 | tenant: Tenant_A 112 | name: Tenant_A_OP_Zone_3 113 | 120: 114 | tenant: Tenant_A 115 | name: Tenant_A_WEB_Zone_1 116 | 121: 117 | tenant: Tenant_A 118 | name: Tenant_A_WEBZone_2 119 | ip_igmp_snooping: 120 | globally_enabled: true 121 | ntp: 122 | local_interface: 123 | name: Management1 124 | vrf: MGMT 125 | servers: 126 | - name: 0.fr.pool.ntp.org 127 | preferred: true 128 | vrf: MGMT 129 | - name: 1.fr.pool.ntp.org 130 | vrf: MGMT 131 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-SPINE1-debug-vars.yml: -------------------------------------------------------------------------------- 1 | ansible_connection: httpapi 2 | ansible_network_os: eos 3 | ansible_user: ansible 4 | ansible_ssh_pass: ansible 5 | ansible_become: true 6 | ansible_become_method: enable 7 | ansible_httpapi_use_ssl: true 8 | ansible_httpapi_validate_certs: false 9 | type: spine 10 | local_users: 11 | admin: 12 | privilege: 15 13 | role: network-admin 14 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 15 | cvpadmin: 16 | privilege: 15 17 | role: network-admin 18 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 19 | ansible: 20 | privilege: 15 21 | role: network-admin 22 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 23 | cvp_instance_ip: 10.255.0.1 24 | cvp_ingestauth_key: '' 25 | mgmt_interface: Management1 26 | mgmt_interface_vrf: MGMT 27 | mgmt_gateway: 10.255.0.1 28 | name_servers: 29 | - 192.168.2.1 30 | - 8.8.8.8 31 | custom_structured_configuration_ntp: 32 | local_interface: 33 | name: Management1 34 | vrf: MGMT 35 | servers: 36 | - name: 0.fr.pool.ntp.org 37 | preferred: true 38 | vrf: MGMT 39 | - name: 1.fr.pool.ntp.org 40 | vrf: MGMT 41 | fabric_name: DC1_FABRIC 42 | vxlan_vlan_aware_bundles: true 43 | bgp_peer_groups: 44 | IPv4_UNDERLAY_PEERS: 45 | password: AQQvKeimxJu+uGQ/yYvv9w== 46 | EVPN_OVERLAY_PEERS: 47 | password: q+VNViP5i4rVjW1cxFv2wA== 48 | MLAG_IPv4_UNDERLAY_PEER: 49 | password: vnEaG8gMeQf3d3cN6PktXQ== 50 | spine: 51 | defaults: 52 | platform: vEOS-LAB 53 | bgp_as: 65001 54 | loopback_ipv4_pool: 192.168.255.0/24 55 | bgp_defaults: 56 | - no bgp default ipv4-unicast 57 | - distance bgp 20 200 200 58 | - graceful-restart restart-time 300 59 | - graceful-restart 60 | mlag_peer_ipv4_pool: 10.255.252.0/24 61 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 62 | nodes: 63 | DC1-SPINE1: 64 | id: 1 65 | mgmt_ip: 10.255.0.11/24 66 | DC1-SPINE2: 67 | id: 2 68 | mgmt_ip: 10.255.0.12/24 69 | l3leaf: 70 | defaults: 71 | platform: vEOS-LAB 72 | loopback_ipv4_pool: 192.168.255.0/24 73 | loopback_ipv4_offset: 2 74 | vtep_loopback_ipv4_pool: 192.168.254.0/24 75 | uplink_interfaces: 76 | - Ethernet1 77 | - Ethernet2 78 | uplink_switches: 79 | - DC1-SPINE1 80 | - DC1-SPINE2 81 | uplink_ipv4_pool: 172.31.255.0/24 82 | mlag_interfaces: 83 | - Ethernet3 84 | - Ethernet4 85 | mlag_peer_ipv4_pool: 10.255.252.0/24 86 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 87 | virtual_router_mac_address: 00:1c:73:00:dc:01 88 | bgp_defaults: 89 | - no bgp default ipv4-unicast 90 | - distance bgp 20 200 200 91 | - graceful-restart restart-time 300 92 | - graceful-restart 93 | spanning_tree_mode: mstp 94 | spanning_tree_priority: 16384 95 | node_groups: 96 | DC1_LEAF1: 97 | bgp_as: 65101 98 | nodes: 99 | DC1-LEAF1A: 100 | id: 1 101 | mgmt_ip: 10.255.0.13/24 102 | uplink_switch_interfaces: 103 | - Ethernet1 104 | - Ethernet1 105 | DC1-LEAF1B: 106 | id: 2 107 | mgmt_ip: 10.255.0.14/24 108 | uplink_switch_interfaces: 109 | - Ethernet2 110 | - Ethernet2 111 | DC1_LEAF2: 112 | bgp_as: 65102 113 | nodes: 114 | DC1-LEAF2A: 115 | id: 3 116 | mgmt_ip: 10.255.0.15/24 117 | uplink_switch_interfaces: 118 | - Ethernet3 119 | - Ethernet3 120 | DC1-LEAF2B: 121 | id: 4 122 | mgmt_ip: 10.255.0.16/24 123 | uplink_switch_interfaces: 124 | - Ethernet4 125 | - Ethernet4 126 | l2leaf: 127 | defaults: 128 | platform: vEOS-LAB 129 | uplink_switches: 130 | - DC1-LEAF1A 131 | - DC1-LEAF1B 132 | uplink_interfaces: 133 | - Ethernet1 134 | - Ethernet2 135 | mlag_interfaces: 136 | - Ethernet3 137 | - Ethernet4 138 | mlag_peer_ipv4_pool: 10.255.252.0/24 139 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 140 | virtual_router_mac_address: 00:1c:73:00:dc:01 141 | spanning_tree_mode: mstp 142 | spanning_tree_priority: 16384 143 | mlag: false 144 | node_groups: 145 | DC1_L2LEAF1: 146 | uplink_switches: 147 | - DC1-LEAF1A 148 | - DC1-LEAF1B 149 | filter: 150 | tenants: 151 | - Tenant_A 152 | tags: 153 | - opzone 154 | - web 155 | - app 156 | nodes: 157 | DC1-L2LEAF1A: 158 | id: 5 159 | mgmt_ip: 10.255.0.17/24 160 | uplink_switch_interfaces: 161 | - Ethernet5 162 | - Ethernet5 163 | DC1_L2LEAF2: 164 | uplink_switches: 165 | - DC1-LEAF2A 166 | - DC1-LEAF2B 167 | filter: 168 | tenants: 169 | - Tenant_A 170 | tags: 171 | - opzone 172 | - web 173 | - app 174 | nodes: 175 | DC1-L2LEAF2A: 176 | id: 7 177 | mgmt_ip: 10.255.0.18/24 178 | uplink_switch_interfaces: 179 | - Ethernet5 180 | - Ethernet5 181 | p2p_uplinks_mtu: 1500 182 | bfd_multihop: 183 | interval: 1200 184 | min_rx: 1200 185 | multiplier: 3 186 | inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml 187 | inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory 188 | ansible_host: 10.255.0.11 189 | inventory_hostname: DC1-SPINE1 190 | inventory_hostname_short: DC1-SPINE1 191 | group_names: 192 | - DC1 193 | - DC1_FABRIC 194 | - DC1_SPINES 195 | ansible_facts: 196 | switch: 197 | type: spine 198 | node_type_key: spine 199 | connected_endpoints: false 200 | default_evpn_role: server 201 | mlag_support: false 202 | network_services_l2: false 203 | network_services_l3: false 204 | underlay_router: true 205 | uplink_type: p2p 206 | vtep: false 207 | ip_addressing: 208 | router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 209 | mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 210 | mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 211 | mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 212 | mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 213 | p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 214 | p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 215 | vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 216 | vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 217 | interface_descriptions: 218 | underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 219 | underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 220 | connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 221 | connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 222 | overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 223 | vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 224 | underlay_routing_protocol: ebgp 225 | overlay_routing_protocol: ebgp 226 | id: 1 227 | mgmt_ip: 10.255.0.11/24 228 | platform: vEOS-LAB 229 | platform_settings: 230 | platforms: 231 | - default 232 | reload_delay: 233 | mlag: 300 234 | non_mlag: 330 235 | feature_support: 236 | queue_monitor_length_notify: false 237 | spanning_tree_mode: none 238 | max_uplink_switches: 0 239 | max_parallel_uplinks: 1 240 | loopback_ipv4_pool: 192.168.255.0/24 241 | loopback_ipv4_offset: 0 242 | router_id: 192.168.255.1 243 | bgp_as: '65001' 244 | bgp_defaults: 245 | - no bgp default ipv4-unicast 246 | - distance bgp 20 200 200 247 | - graceful-restart restart-time 300 248 | - graceful-restart 249 | evpn_role: server 250 | mlag: false 251 | topology: 252 | peers: [] 253 | vlans: [] 254 | switch: 255 | type: spine 256 | node_type_key: spine 257 | connected_endpoints: false 258 | default_evpn_role: server 259 | mlag_support: false 260 | network_services_l2: false 261 | network_services_l3: false 262 | underlay_router: true 263 | uplink_type: p2p 264 | vtep: false 265 | ip_addressing: 266 | router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 267 | mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 268 | mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 269 | mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 270 | mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 271 | p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 272 | p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 273 | vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 274 | vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 275 | interface_descriptions: 276 | underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 277 | underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 278 | connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 279 | connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 280 | overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 281 | vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 282 | underlay_routing_protocol: ebgp 283 | overlay_routing_protocol: ebgp 284 | id: 1 285 | mgmt_ip: 10.255.0.11/24 286 | platform: vEOS-LAB 287 | platform_settings: 288 | platforms: 289 | - default 290 | reload_delay: 291 | mlag: 300 292 | non_mlag: 330 293 | feature_support: 294 | queue_monitor_length_notify: false 295 | spanning_tree_mode: none 296 | max_uplink_switches: 0 297 | max_parallel_uplinks: 1 298 | loopback_ipv4_pool: 192.168.255.0/24 299 | loopback_ipv4_offset: 0 300 | router_id: 192.168.255.1 301 | bgp_as: '65001' 302 | bgp_defaults: 303 | - no bgp default ipv4-unicast 304 | - distance bgp 20 200 200 305 | - graceful-restart restart-time 300 306 | - graceful-restart 307 | evpn_role: server 308 | mlag: false 309 | topology: 310 | peers: [] 311 | vlans: [] 312 | playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks 313 | ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 314 | ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg 315 | groups: 316 | all: 317 | - cv_ztp 318 | - cv_server 319 | - DC1-SPINE1 320 | - DC1-SPINE2 321 | - DC1-LEAF1A 322 | - DC1-LEAF1B 323 | - DC1-LEAF2A 324 | - DC1-LEAF2B 325 | - DC1-L2LEAF1A 326 | - DC1-L2LEAF2A 327 | ungrouped: [] 328 | CVP: 329 | - cv_ztp 330 | - cv_server 331 | DC1: 332 | - DC1-SPINE1 333 | - DC1-SPINE2 334 | - DC1-L2LEAF1A 335 | - DC1-L2LEAF2A 336 | - DC1-LEAF1A 337 | - DC1-LEAF1B 338 | - DC1-LEAF2A 339 | - DC1-LEAF2B 340 | DC1_FABRIC: 341 | - DC1-SPINE1 342 | - DC1-SPINE2 343 | - DC1-LEAF1A 344 | - DC1-LEAF1B 345 | - DC1-LEAF2A 346 | - DC1-LEAF2B 347 | - DC1-L2LEAF1A 348 | - DC1-L2LEAF2A 349 | DC1_SPINES: 350 | - DC1-SPINE1 351 | - DC1-SPINE2 352 | DC1_L3LEAFS: 353 | - DC1-LEAF1A 354 | - DC1-LEAF1B 355 | - DC1-LEAF2A 356 | - DC1-LEAF2B 357 | DC1_LEAF1: 358 | - DC1-LEAF1A 359 | - DC1-LEAF1B 360 | DC1_LEAF2: 361 | - DC1-LEAF2A 362 | - DC1-LEAF2B 363 | DC1_L2LEAFS: 364 | - DC1-L2LEAF1A 365 | - DC1-L2LEAF2A 366 | DC1_L2LEAF1: 367 | - DC1-L2LEAF1A 368 | DC1_L2LEAF2: 369 | - DC1-L2LEAF2A 370 | DC1_TENANTS_NETWORKS: 371 | - DC1-LEAF1A 372 | - DC1-LEAF1B 373 | - DC1-LEAF2A 374 | - DC1-LEAF2B 375 | - DC1-L2LEAF1A 376 | - DC1-L2LEAF2A 377 | DC1_SERVERS: 378 | - DC1-LEAF1A 379 | - DC1-LEAF1B 380 | - DC1-LEAF2A 381 | - DC1-LEAF2B 382 | - DC1-L2LEAF1A 383 | - DC1-L2LEAF2A 384 | omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 385 | ansible_version: 386 | string: 2.10.14 387 | full: 2.10.14 388 | major: 2 389 | minor: 10 390 | revision: 14 391 | ansible_check_mode: false 392 | ansible_diff_mode: false 393 | ansible_forks: 5 394 | ansible_inventory_sources: 395 | - /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml 396 | ansible_skip_tags: [] 397 | ansible_run_tags: 398 | - build 399 | ansible_verbosity: 0 400 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-SPINE1.yml: -------------------------------------------------------------------------------- 1 | router_bgp: 2 | as: '65001' 3 | router_id: 192.168.255.1 4 | bgp_defaults: 5 | - no bgp default ipv4-unicast 6 | - distance bgp 20 200 200 7 | - graceful-restart restart-time 300 8 | - graceful-restart 9 | - maximum-paths 4 ecmp 4 10 | peer_groups: 11 | IPv4-UNDERLAY-PEERS: 12 | type: ipv4 13 | password: AQQvKeimxJu+uGQ/yYvv9w== 14 | maximum_routes: 12000 15 | send_community: all 16 | EVPN-OVERLAY-PEERS: 17 | type: evpn 18 | update_source: Loopback0 19 | bfd: true 20 | ebgp_multihop: '3' 21 | password: q+VNViP5i4rVjW1cxFv2wA== 22 | send_community: all 23 | maximum_routes: 0 24 | next_hop_unchanged: true 25 | address_family_ipv4: 26 | peer_groups: 27 | IPv4-UNDERLAY-PEERS: 28 | activate: true 29 | EVPN-OVERLAY-PEERS: 30 | activate: false 31 | redistribute_routes: 32 | connected: 33 | route_map: RM-CONN-2-BGP 34 | neighbors: 35 | 172.31.255.1: 36 | peer_group: IPv4-UNDERLAY-PEERS 37 | remote_as: '65101' 38 | description: DC1-LEAF1A_Ethernet1 39 | 172.31.255.5: 40 | peer_group: IPv4-UNDERLAY-PEERS 41 | remote_as: '65101' 42 | description: DC1-LEAF1B_Ethernet1 43 | 172.31.255.9: 44 | peer_group: IPv4-UNDERLAY-PEERS 45 | remote_as: '65102' 46 | description: DC1-LEAF2A_Ethernet1 47 | 172.31.255.13: 48 | peer_group: IPv4-UNDERLAY-PEERS 49 | remote_as: '65102' 50 | description: DC1-LEAF2B_Ethernet1 51 | 192.168.255.3: 52 | peer_group: EVPN-OVERLAY-PEERS 53 | description: DC1-LEAF1A 54 | remote_as: '65101' 55 | 192.168.255.4: 56 | peer_group: EVPN-OVERLAY-PEERS 57 | description: DC1-LEAF1B 58 | remote_as: '65101' 59 | 192.168.255.5: 60 | peer_group: EVPN-OVERLAY-PEERS 61 | description: DC1-LEAF2A 62 | remote_as: '65102' 63 | 192.168.255.6: 64 | peer_group: EVPN-OVERLAY-PEERS 65 | description: DC1-LEAF2B 66 | remote_as: '65102' 67 | address_family_evpn: 68 | peer_groups: 69 | EVPN-OVERLAY-PEERS: 70 | activate: true 71 | static_routes: 72 | - vrf: MGMT 73 | destination_address_prefix: 0.0.0.0/0 74 | gateway: 10.255.0.1 75 | service_routing_protocols_model: multi-agent 76 | ip_routing: true 77 | daemon_terminattr: 78 | cvaddrs: 79 | - 10.255.0.1:9910 80 | cvauth: 81 | method: key 82 | cvvrf: MGMT 83 | smashexcludes: ale,flexCounter,hardware,kni,pulse,strata 84 | ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent 85 | disable_aaa: false 86 | vlan_internal_order: 87 | allocation: ascending 88 | range: 89 | beginning: 1006 90 | ending: 1199 91 | name_server: 92 | source: 93 | vrf: MGMT 94 | nodes: 95 | - 192.168.2.1 96 | - 8.8.8.8 97 | spanning_tree: 98 | mode: none 99 | local_users: 100 | admin: 101 | privilege: 15 102 | role: network-admin 103 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 104 | ansible: 105 | privilege: 15 106 | role: network-admin 107 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 108 | cvpadmin: 109 | privilege: 15 110 | role: network-admin 111 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 112 | vrfs: 113 | MGMT: 114 | ip_routing: false 115 | management_interfaces: 116 | Management1: 117 | description: oob_management 118 | shutdown: false 119 | vrf: MGMT 120 | ip_address: 10.255.0.11/24 121 | gateway: 10.255.0.1 122 | type: oob 123 | management_api_http: 124 | enable_vrfs: 125 | MGMT: {} 126 | enable_https: true 127 | ethernet_interfaces: 128 | Ethernet1: 129 | peer: DC1-LEAF1A 130 | peer_interface: Ethernet1 131 | peer_type: l3leaf 132 | description: P2P_LINK_TO_DC1-LEAF1A_Ethernet1 133 | mtu: 1500 134 | type: routed 135 | shutdown: false 136 | ip_address: 172.31.255.0/31 137 | Ethernet2: 138 | peer: DC1-LEAF1B 139 | peer_interface: Ethernet1 140 | peer_type: l3leaf 141 | description: P2P_LINK_TO_DC1-LEAF1B_Ethernet1 142 | mtu: 1500 143 | type: routed 144 | shutdown: false 145 | ip_address: 172.31.255.4/31 146 | Ethernet3: 147 | peer: DC1-LEAF2A 148 | peer_interface: Ethernet1 149 | peer_type: l3leaf 150 | description: P2P_LINK_TO_DC1-LEAF2A_Ethernet1 151 | mtu: 1500 152 | type: routed 153 | shutdown: false 154 | ip_address: 172.31.255.8/31 155 | Ethernet4: 156 | peer: DC1-LEAF2B 157 | peer_interface: Ethernet1 158 | peer_type: l3leaf 159 | description: P2P_LINK_TO_DC1-LEAF2B_Ethernet1 160 | mtu: 1500 161 | type: routed 162 | shutdown: false 163 | ip_address: 172.31.255.12/31 164 | loopback_interfaces: 165 | Loopback0: 166 | description: EVPN_Overlay_Peering 167 | shutdown: false 168 | ip_address: 192.168.255.1/32 169 | prefix_lists: 170 | PL-LOOPBACKS-EVPN-OVERLAY: 171 | sequence_numbers: 172 | 10: 173 | action: permit 192.168.255.0/24 eq 32 174 | route_maps: 175 | RM-CONN-2-BGP: 176 | sequence_numbers: 177 | 10: 178 | type: permit 179 | match: 180 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 181 | router_bfd: 182 | multihop: 183 | interval: 1200 184 | min_rx: 1200 185 | multiplier: 3 186 | ntp: 187 | local_interface: 188 | name: Management1 189 | vrf: MGMT 190 | servers: 191 | - name: 0.fr.pool.ntp.org 192 | preferred: true 193 | vrf: MGMT 194 | - name: 1.fr.pool.ntp.org 195 | vrf: MGMT 196 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-SPINE2-debug-vars.yml: -------------------------------------------------------------------------------- 1 | ansible_connection: httpapi 2 | ansible_network_os: eos 3 | ansible_user: ansible 4 | ansible_ssh_pass: ansible 5 | ansible_become: true 6 | ansible_become_method: enable 7 | ansible_httpapi_use_ssl: true 8 | ansible_httpapi_validate_certs: false 9 | type: spine 10 | local_users: 11 | admin: 12 | privilege: 15 13 | role: network-admin 14 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 15 | cvpadmin: 16 | privilege: 15 17 | role: network-admin 18 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 19 | ansible: 20 | privilege: 15 21 | role: network-admin 22 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 23 | cvp_instance_ip: 10.255.0.1 24 | cvp_ingestauth_key: '' 25 | mgmt_interface: Management1 26 | mgmt_interface_vrf: MGMT 27 | mgmt_gateway: 10.255.0.1 28 | name_servers: 29 | - 192.168.2.1 30 | - 8.8.8.8 31 | custom_structured_configuration_ntp: 32 | local_interface: 33 | name: Management1 34 | vrf: MGMT 35 | servers: 36 | - name: 0.fr.pool.ntp.org 37 | preferred: true 38 | vrf: MGMT 39 | - name: 1.fr.pool.ntp.org 40 | vrf: MGMT 41 | fabric_name: DC1_FABRIC 42 | vxlan_vlan_aware_bundles: true 43 | bgp_peer_groups: 44 | IPv4_UNDERLAY_PEERS: 45 | password: AQQvKeimxJu+uGQ/yYvv9w== 46 | EVPN_OVERLAY_PEERS: 47 | password: q+VNViP5i4rVjW1cxFv2wA== 48 | MLAG_IPv4_UNDERLAY_PEER: 49 | password: vnEaG8gMeQf3d3cN6PktXQ== 50 | spine: 51 | defaults: 52 | platform: vEOS-LAB 53 | bgp_as: 65001 54 | loopback_ipv4_pool: 192.168.255.0/24 55 | bgp_defaults: 56 | - no bgp default ipv4-unicast 57 | - distance bgp 20 200 200 58 | - graceful-restart restart-time 300 59 | - graceful-restart 60 | mlag_peer_ipv4_pool: 10.255.252.0/24 61 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 62 | nodes: 63 | DC1-SPINE1: 64 | id: 1 65 | mgmt_ip: 10.255.0.11/24 66 | DC1-SPINE2: 67 | id: 2 68 | mgmt_ip: 10.255.0.12/24 69 | l3leaf: 70 | defaults: 71 | platform: vEOS-LAB 72 | loopback_ipv4_pool: 192.168.255.0/24 73 | loopback_ipv4_offset: 2 74 | vtep_loopback_ipv4_pool: 192.168.254.0/24 75 | uplink_interfaces: 76 | - Ethernet1 77 | - Ethernet2 78 | uplink_switches: 79 | - DC1-SPINE1 80 | - DC1-SPINE2 81 | uplink_ipv4_pool: 172.31.255.0/24 82 | mlag_interfaces: 83 | - Ethernet3 84 | - Ethernet4 85 | mlag_peer_ipv4_pool: 10.255.252.0/24 86 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 87 | virtual_router_mac_address: 00:1c:73:00:dc:01 88 | bgp_defaults: 89 | - no bgp default ipv4-unicast 90 | - distance bgp 20 200 200 91 | - graceful-restart restart-time 300 92 | - graceful-restart 93 | spanning_tree_mode: mstp 94 | spanning_tree_priority: 16384 95 | node_groups: 96 | DC1_LEAF1: 97 | bgp_as: 65101 98 | nodes: 99 | DC1-LEAF1A: 100 | id: 1 101 | mgmt_ip: 10.255.0.13/24 102 | uplink_switch_interfaces: 103 | - Ethernet1 104 | - Ethernet1 105 | DC1-LEAF1B: 106 | id: 2 107 | mgmt_ip: 10.255.0.14/24 108 | uplink_switch_interfaces: 109 | - Ethernet2 110 | - Ethernet2 111 | DC1_LEAF2: 112 | bgp_as: 65102 113 | nodes: 114 | DC1-LEAF2A: 115 | id: 3 116 | mgmt_ip: 10.255.0.15/24 117 | uplink_switch_interfaces: 118 | - Ethernet3 119 | - Ethernet3 120 | DC1-LEAF2B: 121 | id: 4 122 | mgmt_ip: 10.255.0.16/24 123 | uplink_switch_interfaces: 124 | - Ethernet4 125 | - Ethernet4 126 | l2leaf: 127 | defaults: 128 | platform: vEOS-LAB 129 | uplink_switches: 130 | - DC1-LEAF1A 131 | - DC1-LEAF1B 132 | uplink_interfaces: 133 | - Ethernet1 134 | - Ethernet2 135 | mlag_interfaces: 136 | - Ethernet3 137 | - Ethernet4 138 | mlag_peer_ipv4_pool: 10.255.252.0/24 139 | mlag_peer_l3_ipv4_pool: 10.255.251.0/24 140 | virtual_router_mac_address: 00:1c:73:00:dc:01 141 | spanning_tree_mode: mstp 142 | spanning_tree_priority: 16384 143 | mlag: false 144 | node_groups: 145 | DC1_L2LEAF1: 146 | uplink_switches: 147 | - DC1-LEAF1A 148 | - DC1-LEAF1B 149 | filter: 150 | tenants: 151 | - Tenant_A 152 | tags: 153 | - opzone 154 | - web 155 | - app 156 | nodes: 157 | DC1-L2LEAF1A: 158 | id: 5 159 | mgmt_ip: 10.255.0.17/24 160 | uplink_switch_interfaces: 161 | - Ethernet5 162 | - Ethernet5 163 | DC1_L2LEAF2: 164 | uplink_switches: 165 | - DC1-LEAF2A 166 | - DC1-LEAF2B 167 | filter: 168 | tenants: 169 | - Tenant_A 170 | tags: 171 | - opzone 172 | - web 173 | - app 174 | nodes: 175 | DC1-L2LEAF2A: 176 | id: 7 177 | mgmt_ip: 10.255.0.18/24 178 | uplink_switch_interfaces: 179 | - Ethernet5 180 | - Ethernet5 181 | p2p_uplinks_mtu: 1500 182 | bfd_multihop: 183 | interval: 1200 184 | min_rx: 1200 185 | multiplier: 3 186 | inventory_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml 187 | inventory_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory 188 | ansible_host: 10.255.0.12 189 | inventory_hostname: DC1-SPINE2 190 | inventory_hostname_short: DC1-SPINE2 191 | group_names: 192 | - DC1 193 | - DC1_FABRIC 194 | - DC1_SPINES 195 | ansible_facts: 196 | switch: 197 | type: spine 198 | node_type_key: spine 199 | connected_endpoints: false 200 | default_evpn_role: server 201 | mlag_support: false 202 | network_services_l2: false 203 | network_services_l3: false 204 | underlay_router: true 205 | uplink_type: p2p 206 | vtep: false 207 | ip_addressing: 208 | router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 209 | mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 210 | mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 211 | mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 212 | mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 213 | p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 214 | p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 215 | vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 216 | vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 217 | interface_descriptions: 218 | underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 219 | underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 220 | connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 221 | connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 222 | overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 223 | vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 224 | underlay_routing_protocol: ebgp 225 | overlay_routing_protocol: ebgp 226 | id: 2 227 | mgmt_ip: 10.255.0.12/24 228 | platform: vEOS-LAB 229 | platform_settings: 230 | platforms: 231 | - default 232 | reload_delay: 233 | mlag: 300 234 | non_mlag: 330 235 | feature_support: 236 | queue_monitor_length_notify: false 237 | spanning_tree_mode: none 238 | max_uplink_switches: 0 239 | max_parallel_uplinks: 1 240 | loopback_ipv4_pool: 192.168.255.0/24 241 | loopback_ipv4_offset: 0 242 | router_id: 192.168.255.2 243 | bgp_as: '65001' 244 | bgp_defaults: 245 | - no bgp default ipv4-unicast 246 | - distance bgp 20 200 200 247 | - graceful-restart restart-time 300 248 | - graceful-restart 249 | evpn_role: server 250 | mlag: false 251 | topology: 252 | peers: [] 253 | vlans: [] 254 | switch: 255 | type: spine 256 | node_type_key: spine 257 | connected_endpoints: false 258 | default_evpn_role: server 259 | mlag_support: false 260 | network_services_l2: false 261 | network_services_l3: false 262 | underlay_router: true 263 | uplink_type: p2p 264 | vtep: false 265 | ip_addressing: 266 | router_id: designs/l3ls-evpn/ip-addressing/router-id.j2 267 | mlag_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-ip-primary.j2 268 | mlag_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-ip-secondary.j2 269 | mlag_l3_ip_primary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-primary.j2 270 | mlag_l3_ip_secondary: designs/l3ls-evpn/ip-addressing/mlag-l3-ip-secondary.j2 271 | p2p_uplinks_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-ip.j2 272 | p2p_uplinks_peer_ip: designs/l3ls-evpn/ip-addressing/p2p-uplinks-peer-ip.j2 273 | vtep_ip_mlag: designs/l3ls-evpn/ip-addressing/vtep-ip-mlag.j2 274 | vtep_ip: designs/l3ls-evpn/ip-addressing/vtep-ip.j2 275 | interface_descriptions: 276 | underlay_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/ethernet-interfaces.j2 277 | underlay_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/underlay/port-channel-interfaces.j2 278 | connected_endpoints_ethernet_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/ethernet-interfaces.j2 279 | connected_endpoints_port_channel_interfaces: designs/l3ls-evpn/interface-descriptions/connected-endpoints/port-channel-interfaces.j2 280 | overlay_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/overlay-loopback.j2 281 | vtep_loopback_interface: designs/l3ls-evpn/interface-descriptions/loopback-interfaces/vtep-loopback.j2 282 | underlay_routing_protocol: ebgp 283 | overlay_routing_protocol: ebgp 284 | id: 2 285 | mgmt_ip: 10.255.0.12/24 286 | platform: vEOS-LAB 287 | platform_settings: 288 | platforms: 289 | - default 290 | reload_delay: 291 | mlag: 300 292 | non_mlag: 330 293 | feature_support: 294 | queue_monitor_length_notify: false 295 | spanning_tree_mode: none 296 | max_uplink_switches: 0 297 | max_parallel_uplinks: 1 298 | loopback_ipv4_pool: 192.168.255.0/24 299 | loopback_ipv4_offset: 0 300 | router_id: 192.168.255.2 301 | bgp_as: '65001' 302 | bgp_defaults: 303 | - no bgp default ipv4-unicast 304 | - distance bgp 20 200 200 305 | - graceful-restart restart-time 300 306 | - graceful-restart 307 | evpn_role: server 308 | mlag: false 309 | topology: 310 | peers: [] 311 | vlans: [] 312 | playbook_dir: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/playbooks 313 | ansible_playbook_python: /Users/tgrimonet/.pyenv/versions/3.9.7/envs/arista-avd-demo/bin/python3.9 314 | ansible_config_file: /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/ansible.cfg 315 | groups: 316 | all: 317 | - cv_ztp 318 | - cv_server 319 | - DC1-SPINE1 320 | - DC1-SPINE2 321 | - DC1-LEAF1A 322 | - DC1-LEAF1B 323 | - DC1-LEAF2A 324 | - DC1-LEAF2B 325 | - DC1-L2LEAF1A 326 | - DC1-L2LEAF2A 327 | ungrouped: [] 328 | CVP: 329 | - cv_ztp 330 | - cv_server 331 | DC1: 332 | - DC1-SPINE1 333 | - DC1-SPINE2 334 | - DC1-L2LEAF1A 335 | - DC1-L2LEAF2A 336 | - DC1-LEAF1A 337 | - DC1-LEAF1B 338 | - DC1-LEAF2A 339 | - DC1-LEAF2B 340 | DC1_FABRIC: 341 | - DC1-SPINE1 342 | - DC1-SPINE2 343 | - DC1-LEAF1A 344 | - DC1-LEAF1B 345 | - DC1-LEAF2A 346 | - DC1-LEAF2B 347 | - DC1-L2LEAF1A 348 | - DC1-L2LEAF2A 349 | DC1_SPINES: 350 | - DC1-SPINE1 351 | - DC1-SPINE2 352 | DC1_L3LEAFS: 353 | - DC1-LEAF1A 354 | - DC1-LEAF1B 355 | - DC1-LEAF2A 356 | - DC1-LEAF2B 357 | DC1_LEAF1: 358 | - DC1-LEAF1A 359 | - DC1-LEAF1B 360 | DC1_LEAF2: 361 | - DC1-LEAF2A 362 | - DC1-LEAF2B 363 | DC1_L2LEAFS: 364 | - DC1-L2LEAF1A 365 | - DC1-L2LEAF2A 366 | DC1_L2LEAF1: 367 | - DC1-L2LEAF1A 368 | DC1_L2LEAF2: 369 | - DC1-L2LEAF2A 370 | DC1_TENANTS_NETWORKS: 371 | - DC1-LEAF1A 372 | - DC1-LEAF1B 373 | - DC1-LEAF2A 374 | - DC1-LEAF2B 375 | - DC1-L2LEAF1A 376 | - DC1-L2LEAF2A 377 | DC1_SERVERS: 378 | - DC1-LEAF1A 379 | - DC1-LEAF1B 380 | - DC1-LEAF2A 381 | - DC1-LEAF2B 382 | - DC1-L2LEAF1A 383 | - DC1-L2LEAF2A 384 | omit: __omit_place_holder__977da4f00604c643da39a9f2175c10b09f0b2380 385 | ansible_version: 386 | string: 2.10.14 387 | full: 2.10.14 388 | major: 2 389 | minor: 10 390 | revision: 14 391 | ansible_check_mode: false 392 | ansible_diff_mode: false 393 | ansible_forks: 5 394 | ansible_inventory_sources: 395 | - /Users/tgrimonet/Projects/arista-community/ansible-avd-cloudvision-demo/inventory/inventory.yml 396 | ansible_skip_tags: [] 397 | ansible_run_tags: 398 | - build 399 | ansible_verbosity: 0 400 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/DC1-SPINE2.yml: -------------------------------------------------------------------------------- 1 | router_bgp: 2 | as: '65001' 3 | router_id: 192.168.255.2 4 | bgp_defaults: 5 | - no bgp default ipv4-unicast 6 | - distance bgp 20 200 200 7 | - graceful-restart restart-time 300 8 | - graceful-restart 9 | - maximum-paths 4 ecmp 4 10 | peer_groups: 11 | IPv4-UNDERLAY-PEERS: 12 | type: ipv4 13 | password: AQQvKeimxJu+uGQ/yYvv9w== 14 | maximum_routes: 12000 15 | send_community: all 16 | EVPN-OVERLAY-PEERS: 17 | type: evpn 18 | update_source: Loopback0 19 | bfd: true 20 | ebgp_multihop: '3' 21 | password: q+VNViP5i4rVjW1cxFv2wA== 22 | send_community: all 23 | maximum_routes: 0 24 | next_hop_unchanged: true 25 | address_family_ipv4: 26 | peer_groups: 27 | IPv4-UNDERLAY-PEERS: 28 | activate: true 29 | EVPN-OVERLAY-PEERS: 30 | activate: false 31 | redistribute_routes: 32 | connected: 33 | route_map: RM-CONN-2-BGP 34 | neighbors: 35 | 172.31.255.3: 36 | peer_group: IPv4-UNDERLAY-PEERS 37 | remote_as: '65101' 38 | description: DC1-LEAF1A_Ethernet2 39 | 172.31.255.7: 40 | peer_group: IPv4-UNDERLAY-PEERS 41 | remote_as: '65101' 42 | description: DC1-LEAF1B_Ethernet2 43 | 172.31.255.11: 44 | peer_group: IPv4-UNDERLAY-PEERS 45 | remote_as: '65102' 46 | description: DC1-LEAF2A_Ethernet2 47 | 172.31.255.15: 48 | peer_group: IPv4-UNDERLAY-PEERS 49 | remote_as: '65102' 50 | description: DC1-LEAF2B_Ethernet2 51 | 192.168.255.3: 52 | peer_group: EVPN-OVERLAY-PEERS 53 | description: DC1-LEAF1A 54 | remote_as: '65101' 55 | 192.168.255.4: 56 | peer_group: EVPN-OVERLAY-PEERS 57 | description: DC1-LEAF1B 58 | remote_as: '65101' 59 | 192.168.255.5: 60 | peer_group: EVPN-OVERLAY-PEERS 61 | description: DC1-LEAF2A 62 | remote_as: '65102' 63 | 192.168.255.6: 64 | peer_group: EVPN-OVERLAY-PEERS 65 | description: DC1-LEAF2B 66 | remote_as: '65102' 67 | address_family_evpn: 68 | peer_groups: 69 | EVPN-OVERLAY-PEERS: 70 | activate: true 71 | static_routes: 72 | - vrf: MGMT 73 | destination_address_prefix: 0.0.0.0/0 74 | gateway: 10.255.0.1 75 | service_routing_protocols_model: multi-agent 76 | ip_routing: true 77 | daemon_terminattr: 78 | cvaddrs: 79 | - 10.255.0.1:9910 80 | cvauth: 81 | method: key 82 | cvvrf: MGMT 83 | smashexcludes: ale,flexCounter,hardware,kni,pulse,strata 84 | ingestexclude: /Sysdb/cell/1/agent,/Sysdb/cell/2/agent 85 | disable_aaa: false 86 | vlan_internal_order: 87 | allocation: ascending 88 | range: 89 | beginning: 1006 90 | ending: 1199 91 | name_server: 92 | source: 93 | vrf: MGMT 94 | nodes: 95 | - 192.168.2.1 96 | - 8.8.8.8 97 | spanning_tree: 98 | mode: none 99 | local_users: 100 | admin: 101 | privilege: 15 102 | role: network-admin 103 | sha512_password: $6$Df86J4/SFMDE3/1K$Hef4KstdoxNDaami37cBquTWOTplC.miMPjXVgQxMe92.e5wxlnXOLlebgPj8Fz1KO0za/RCO7ZIs4Q6Eiq1g1 104 | ansible: 105 | privilege: 15 106 | role: network-admin 107 | sha512_password: $6$Dzu11L7yp9j3nCM9$FSptxMPyIL555OMO.ldnjDXgwZmrfMYwHSr0uznE5Qoqvd9a6UdjiFcJUhGLtvXVZR1r.A/iF5aAt50hf/EK4/ 108 | cvpadmin: 109 | privilege: 15 110 | role: network-admin 111 | sha512_password: $6$rZKcbIZ7iWGAWTUM$TCgDn1KcavS0s.OV8lacMTUkxTByfzcGlFlYUWroxYuU7M/9bIodhRO7nXGzMweUxvbk8mJmQl8Bh44cRktUj. 112 | vrfs: 113 | MGMT: 114 | ip_routing: false 115 | management_interfaces: 116 | Management1: 117 | description: oob_management 118 | shutdown: false 119 | vrf: MGMT 120 | ip_address: 10.255.0.12/24 121 | gateway: 10.255.0.1 122 | type: oob 123 | management_api_http: 124 | enable_vrfs: 125 | MGMT: {} 126 | enable_https: true 127 | ethernet_interfaces: 128 | Ethernet1: 129 | peer: DC1-LEAF1A 130 | peer_interface: Ethernet2 131 | peer_type: l3leaf 132 | description: P2P_LINK_TO_DC1-LEAF1A_Ethernet2 133 | mtu: 1500 134 | type: routed 135 | shutdown: false 136 | ip_address: 172.31.255.2/31 137 | Ethernet2: 138 | peer: DC1-LEAF1B 139 | peer_interface: Ethernet2 140 | peer_type: l3leaf 141 | description: P2P_LINK_TO_DC1-LEAF1B_Ethernet2 142 | mtu: 1500 143 | type: routed 144 | shutdown: false 145 | ip_address: 172.31.255.6/31 146 | Ethernet3: 147 | peer: DC1-LEAF2A 148 | peer_interface: Ethernet2 149 | peer_type: l3leaf 150 | description: P2P_LINK_TO_DC1-LEAF2A_Ethernet2 151 | mtu: 1500 152 | type: routed 153 | shutdown: false 154 | ip_address: 172.31.255.10/31 155 | Ethernet4: 156 | peer: DC1-LEAF2B 157 | peer_interface: Ethernet2 158 | peer_type: l3leaf 159 | description: P2P_LINK_TO_DC1-LEAF2B_Ethernet2 160 | mtu: 1500 161 | type: routed 162 | shutdown: false 163 | ip_address: 172.31.255.14/31 164 | loopback_interfaces: 165 | Loopback0: 166 | description: EVPN_Overlay_Peering 167 | shutdown: false 168 | ip_address: 192.168.255.2/32 169 | prefix_lists: 170 | PL-LOOPBACKS-EVPN-OVERLAY: 171 | sequence_numbers: 172 | 10: 173 | action: permit 192.168.255.0/24 eq 32 174 | route_maps: 175 | RM-CONN-2-BGP: 176 | sequence_numbers: 177 | 10: 178 | type: permit 179 | match: 180 | - ip address prefix-list PL-LOOPBACKS-EVPN-OVERLAY 181 | router_bfd: 182 | multihop: 183 | interval: 1200 184 | min_rx: 1200 185 | multiplier: 3 186 | ntp: 187 | local_interface: 188 | name: Management1 189 | vrf: MGMT 190 | servers: 191 | - name: 0.fr.pool.ntp.org 192 | preferred: true 193 | vrf: MGMT 194 | - name: 1.fr.pool.ntp.org 195 | vrf: MGMT 196 | -------------------------------------------------------------------------------- /inventory/intended/structured_configs/cvp/cv_server.yml: -------------------------------------------------------------------------------- 1 | --- 2 | CVP_DEVICES: 3 | DC1-L2LEAF1A: 4 | name: DC1-L2LEAF1A 5 | parentContainerName: DC1_L2LEAF1 6 | configlets: 7 | - DC1-AVD_DC1-L2LEAF1A 8 | imageBundle: [] 9 | DC1-L2LEAF2A: 10 | name: DC1-L2LEAF2A 11 | parentContainerName: DC1_L2LEAF2 12 | configlets: 13 | - DC1-AVD_DC1-L2LEAF2A 14 | imageBundle: [] 15 | DC1-LEAF1A: 16 | name: DC1-LEAF1A 17 | parentContainerName: DC1_LEAF1 18 | configlets: 19 | - DC1-AVD_DC1-LEAF1A 20 | imageBundle: [] 21 | DC1-LEAF1B: 22 | name: DC1-LEAF1B 23 | parentContainerName: DC1_LEAF1 24 | configlets: 25 | - DC1-AVD_DC1-LEAF1B 26 | imageBundle: [] 27 | DC1-LEAF2A: 28 | name: DC1-LEAF2A 29 | parentContainerName: DC1_LEAF2 30 | configlets: 31 | - DC1-AVD_DC1-LEAF2A 32 | imageBundle: [] 33 | DC1-LEAF2B: 34 | name: DC1-LEAF2B 35 | parentContainerName: DC1_LEAF2 36 | configlets: 37 | - DC1-AVD_DC1-LEAF2B 38 | imageBundle: [] 39 | DC1-SPINE1: 40 | name: DC1-SPINE1 41 | parentContainerName: DC1_SPINES 42 | configlets: 43 | - DC1-AVD_DC1-SPINE1 44 | imageBundle: [] 45 | DC1-SPINE2: 46 | name: DC1-SPINE2 47 | parentContainerName: DC1_SPINES 48 | configlets: 49 | - DC1-AVD_DC1-SPINE2 50 | imageBundle: [] 51 | CVP_CONTAINERS: 52 | DC1_FABRIC: 53 | parent_container: Tenant 54 | DC1_L2LEAF1: 55 | parent_container: DC1_L2LEAFS 56 | DC1_L2LEAF2: 57 | parent_container: DC1_L2LEAFS 58 | DC1_L2LEAFS: 59 | parent_container: DC1_FABRIC 60 | DC1_L3LEAFS: 61 | parent_container: DC1_FABRIC 62 | DC1_LEAF1: 63 | parent_container: DC1_L3LEAFS 64 | DC1_LEAF2: 65 | parent_container: DC1_L3LEAFS 66 | DC1_SPINES: 67 | parent_container: DC1_FABRIC 68 | -------------------------------------------------------------------------------- /inventory/inventory.yml: -------------------------------------------------------------------------------- 1 | --- 2 | all: 3 | children: 4 | CVP: 5 | hosts: 6 | cv_ztp: 7 | ansible_host: 10.83.28.164 8 | ansible_user: root 9 | ansible_password: ansible 10 | cv_server: 11 | ansible_httpapi_host: 10.83.28.164 12 | ansible_host: 10.83.28.164 13 | ansible_user: ansible 14 | ansible_password: ansible 15 | ansible_connection: httpapi 16 | ansible_httpapi_use_ssl: true 17 | ansible_httpapi_validate_certs: false 18 | ansible_network_os: eos 19 | ansible_httpapi_port: 443 20 | # Configuration to get Virtual Env information 21 | ansible_python_interpreter: $(which python3) 22 | # DC1_Fabric - EVPN Fabric running in home lab 23 | DC1: 24 | children: 25 | DC1_FABRIC: 26 | children: 27 | DC1_SPINES: 28 | vars: 29 | type: spine 30 | hosts: 31 | DC1-SPINE1: 32 | ansible_host: 10.255.0.11 33 | DC1-SPINE2: 34 | ansible_host: 10.255.0.12 35 | DC1_L3LEAFS: 36 | vars: 37 | type: l3leaf 38 | children: 39 | DC1_LEAF1: 40 | hosts: 41 | DC1-LEAF1A: 42 | ansible_host: 10.255.0.13 43 | DC1-LEAF1B: 44 | ansible_host: 10.255.0.14 45 | DC1_LEAF2: 46 | hosts: 47 | DC1-LEAF2A: 48 | ansible_host: 10.255.0.15 49 | DC1-LEAF2B: 50 | ansible_host: 10.255.0.16 51 | DC1_L2LEAFS: 52 | vars: 53 | type: l2leaf 54 | children: 55 | DC1_L2LEAF1: 56 | hosts: 57 | DC1-L2LEAF1A: 58 | ansible_host: 10.255.0.17 59 | DC1_L2LEAF2: 60 | hosts: 61 | DC1-L2LEAF2A: 62 | ansible_host: 10.255.0.18 63 | vars: 64 | ansible_connection: httpapi 65 | ansible_network_os: eos 66 | ansible_user: ansible 67 | # should use vault for passwords 68 | ansible_ssh_pass: ansible 69 | ansible_become: true 70 | ansible_become_method: enable 71 | ansible_httpapi_use_ssl: true 72 | ansible_httpapi_validate_certs: false 73 | DC1_TENANTS_NETWORKS: 74 | children: 75 | DC1_L3LEAFS: 76 | DC1_L2LEAFS: 77 | DC1_SERVERS: 78 | children: 79 | DC1_L3LEAFS: 80 | DC1_L2LEAFS: 81 | -------------------------------------------------------------------------------- /playbooks/dc1-fabric-deploy-cvp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Manage Arista EOS EVPN/VXLAN Configuration 3 | hosts: DC1_FABRIC 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | - arista.cvp 9 | tasks: 10 | - name: 'reset local folders for output' 11 | tags: [build, generate] 12 | import_role: 13 | name: arista.avd.build_output_folders 14 | 15 | - name: generate intended variables 16 | tags: [build, generate] 17 | import_role: 18 | name: arista.avd.eos_designs 19 | 20 | - name: generate device intended config and documentation 21 | tags: [build, generate] 22 | import_role: 23 | name: eos_cli_config_gen 24 | 25 | - name: Configuration deployment with CVP 26 | hosts: cv_server 27 | connection: local 28 | gather_facts: false 29 | collections: 30 | - arista.avd 31 | - arista.cvp 32 | tasks: 33 | - name: run CVP provisioning 34 | import_role: 35 | name: arista.avd.eos_config_deploy_cvp 36 | vars: 37 | container_root: 'DC1_FABRIC' 38 | configlets_prefix: 'DC1-AVD' 39 | device_filter: 'DC1' 40 | state: present 41 | cv_collection: v3 42 | -------------------------------------------------------------------------------- /playbooks/dc1-fabric-reset-cvp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Clenup CVP in default configuration 3 | hosts: cv_server 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | - arista.cvp 9 | tasks: 10 | - name: run CVP provisioning 11 | import_role: 12 | name: arista.avd.eos_config_deploy_cvp 13 | vars: 14 | container_root: 'DC1_FABRIC' 15 | configlets_prefix: 'DC1-AVD' 16 | device_filter: 'DC1-' 17 | state: absent 18 | -------------------------------------------------------------------------------- /playbooks/dc1-upload-configlets.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Configlet upload management 3 | hosts: cv_server 4 | connection: local 5 | gather_facts: false 6 | collections: 7 | - arista.avd 8 | - arista.cvp 9 | tasks: 10 | - name: 'upload configlets to cloudvision {{inventory_hostname}}' 11 | import_role: 12 | name: arista.avd.cvp_configlet_upload 13 | vars: 14 | configlet_directory: 'inventory/intended/configs' 15 | file_extension: 'cfg' 16 | configlets_cvp_prefix: 'none' 17 | execute_tasks: false 18 | cv_collection: v3 19 | -------------------------------------------------------------------------------- /playbooks/dc1-ztp-configuration.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: Configure ZTP/DHCP service on CloudVision 3 | hosts: cv_ztp 4 | gather_facts: true 5 | tasks: 6 | - name: 'Execute ZTP configuration role' 7 | import_role: 8 | name: arista.cvp.dhcp_configuration 9 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible==4.2.0 2 | netaddr==0.7.19 3 | Jinja2==2.11.3 4 | treelib==1.5.5 5 | cvprac==1.0.7 6 | paramiko==2.10.1 7 | jsonschema==3.2.0 8 | requests==2.25.1 9 | PyYAML==5.4.1 10 | md-toc==7.1.0 11 | markupsafe==2.0.1 12 | --------------------------------------------------------------------------------