├── .ansible-lint ├── .github ├── CODEOWNERS └── workflows │ ├── build_container.yml │ ├── build_environment.yml │ ├── cd.yml │ ├── check.yml │ ├── ci.yml │ ├── nso_check_sync.yml │ ├── nso_update_packages.yml │ ├── show.yml │ └── validate.yml ├── .gitignore ├── .gitlab-ci.yml ├── .yamllint.yml ├── Dockerfile ├── README.md ├── ansible.cfg ├── envvars ├── exercises ├── MDD-Book-Cover.png ├── check-state.md ├── cloud_ops_flow.png ├── data-validation.md ├── data-validation.png ├── deploy-topology.md ├── explore-data.md ├── explore-inventory.md ├── explore-runner.md ├── initial-setup.md ├── mdd_branching.png ├── mdd_ci_flow.png ├── mdd_topo.png ├── overview-check-state.png ├── overview-data-validation.png ├── overview-push-data.png ├── push-data.md ├── run-workflow.png ├── workflow-list.png └── workflow-output.png ├── extras ├── create-gitlab-project.sh └── delete-gitlab-project.sh ├── files ├── arch3.yaml ├── arch3_8kv.yaml.j2 ├── arch3_8kv_configured.yaml ├── arch3_csr.yaml.j2 ├── arch4_csr_pop.yaml.j2 └── virl2_client-2.4.0+build.2-py3-none-any.whl ├── inventory ├── cml.yml ├── group_vars │ ├── all │ │ ├── cml.yml │ │ └── mdd.yml │ ├── hq.yml │ ├── routers.yml │ ├── site1.yml │ ├── site2.yml │ └── switches.yml ├── network.yml ├── nso.yml └── system.yml ├── mdd-data ├── ISP │ └── ISP │ │ └── ISP.cfg └── org │ ├── check-bgp-neighbor-status.yml │ ├── check-site-routes.yml │ ├── oc-banner.yml │ ├── oc-ntp.yml │ ├── oc-site-routers.yml │ ├── oc-stp.yml │ ├── oc-system.yml │ ├── oc-vlan.yml │ ├── oc-vrf.yml │ ├── region1 │ ├── hq │ │ ├── WAN-rtr1 │ │ │ ├── WAN-rtr1.cfg │ │ │ ├── oc-interfaces.yml │ │ │ └── oc-routing.yml │ │ ├── hq-pop │ │ │ ├── hq-pop.cfg │ │ │ ├── oc-interfaces.yml │ │ │ ├── oc-nat.yml │ │ │ └── oc-routing.yml │ │ ├── hq-rtr1 │ │ │ ├── hq-rtr1.cfg │ │ │ ├── oc-interfaces.yml │ │ │ └── oc-routing.yml │ │ ├── hq-rtr2 │ │ │ ├── hq-rtr2.cfg │ │ │ ├── oc-interfaces.yml │ │ │ └── oc-routing.yml │ │ ├── hq-sw1 │ │ │ ├── hq-sw1.cfg │ │ │ ├── oc-interfaces.yml │ │ │ └── oc-stp.yml │ │ ├── hq-sw2 │ │ │ ├── hq-sw2.cfg │ │ │ ├── oc-interfaces.yml │ │ │ └── oc-stp.yml │ │ └── oc-routing.yml │ └── site1 │ │ ├── oc-routing.yml │ │ ├── site1-rtr1 │ │ ├── oc-interfaces.yml │ │ ├── oc-routing.yml │ │ └── site1-rtr1.cfg │ │ └── site1-sw1 │ │ ├── oc-interfaces.yml │ │ ├── oc-stp.yml │ │ └── site1-sw1.cfg │ ├── region2 │ ├── oc-ntp.yml │ └── site2 │ │ ├── site2-rtr1 │ │ ├── oc-interfaces.yml │ │ ├── oc-routing.yml │ │ └── site2-rtr1.cfg │ │ └── site2-sw1 │ │ ├── oc-interfaces.yml │ │ ├── oc-stp.yml │ │ └── site2-sw1.cfg │ └── validate-local.yml ├── play.sh ├── requirements.txt ├── requirements.yml └── schemas ├── LICENSE ├── README.md ├── local ├── banner.schema.yml └── dns.schema.yml.j2 ├── pyats ├── bgp-neighbor-state.yml └── show_ip_route.yml.j2 ├── show_ip_route.yml └── stig ├── CISC-ND-000010.schema ├── CISC-ND-000380.schema ├── CISC-ND-000470.schema ├── CISC-ND-001030.schema ├── CISC-ND-001310.schema ├── CISC-ND_IOSXE.schema ├── CISC_IOSXE-ND.schema └── CISC_IOSXE-ND_NTP.schema /.ansible-lint: -------------------------------------------------------------------------------- 1 | warn_list: # or 'skip_list' to silence them completely 2 | - unnamed-task # All tasks should be named 3 | - no-handler 4 | skip_list: 5 | # truthy complains if we use yes/no 6 | - truthy 7 | # lots of these to fix 8 | - new-line-at-end-of-file 9 | # frequently used to comment out code, so doesn't line up 10 | - comments-indentation 11 | # braces doesn't like {{ varname }} but that's the ansible convention 12 | - braces 13 | # we have a ticket in to convert dashes to underscores, remove this when done 14 | - role-name 15 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * stevenca@cisco.com jlothian@cisco.com @stmosher @jasonking3 -------------------------------------------------------------------------------- /.github/workflows/build_container.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build and Push Container 3 | on: 4 | push: 5 | branches: 6 | - main 7 | paths: 8 | - 'Dockerfile' 9 | - 'requirements.txt' 10 | - 'requirements.yml' 11 | 12 | workflow_dispatch: 13 | inputs: 14 | tag: 15 | description: 'Image Tag' 16 | required: true 17 | default: 'latest' 18 | env: 19 | TAG: ghcr.io/${{ github.repository }}:latest 20 | 21 | jobs: 22 | push-and-tag: 23 | name: Deploy containers to GHCR 24 | runs-on: ubuntu-latest 25 | steps: 26 | - name: Checking out the repository 27 | uses: actions/checkout@v2 28 | 29 | - name: Build Container 30 | uses: docker/build-push-action@v2 31 | with: 32 | context: . 33 | file: Dockerfile 34 | load: true 35 | tags: ${{ env.TAG }} 36 | 37 | - name: Login to GitHub Container Registry 38 | uses: docker/login-action@v1 39 | with: 40 | registry: ghcr.io 41 | username: ${{ secrets.MDD_GITHUB_ACTION_USERNAME }} 42 | password: ${{ secrets.MDD_GITHUB_ACTION_TOKEN }} 43 | 44 | - name: Push Container 45 | uses: docker/build-push-action@v2 46 | with: 47 | context: . 48 | push: true 49 | tags: ${{ env.TAG }} 50 | if: ${{ ! inputs.tag }} 51 | 52 | - name: Push Container 53 | uses: docker/build-push-action@v2 54 | with: 55 | context: . 56 | push: true 57 | tags: ghcr.io/${{ github.repository }}:${{ inputs.tag }} 58 | if: ${{ inputs.tag }} 59 | -------------------------------------------------------------------------------- /.github/workflows/build_environment.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Build Environment 3 | on: 4 | workflow_dispatch: 5 | # pull_request: 6 | # branches: 7 | # - main 8 | # paths: 9 | # - 'inventory/**.yml' 10 | # - 'inventory/**.yaml' 11 | 12 | env: 13 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 14 | CML_LAB: ${{ secrets.CML_LAB }} 15 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 16 | CML_HOST: ${{ secrets.CML_HOST }} 17 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 18 | 19 | jobs: 20 | build: 21 | runs-on: self-hosted 22 | environment: mdd-dev 23 | concurrency: mdd-dev 24 | container: 25 | image: ghcr.io/model-driven-devops/ansible-mdd/mdd:1.2.10 26 | steps: 27 | - name: Checkout Inventory 28 | uses: actions/checkout@v2 29 | - name: Clean existing topology 30 | run: ansible-playbook cisco.cml.clean 31 | - name: Build new topology 32 | run: ansible-playbook cisco.cml.build -e startup='host' -e wait=yes 33 | - name: Install NSO 34 | run: ansible-playbook ciscops.mdd.nso_install 35 | - name: Install NSO Pacakges 36 | run: ansible-playbook ciscops.mdd.nso_update_packages 37 | - name: Initialize NSO 38 | run: ansible-playbook ciscops.mdd.nso_init 39 | - name: Update NSO Devices 40 | run: ansible-playbook ciscops.mdd.nso_update_devices 41 | - name: Validate Data 42 | run: ansible-playbook ciscops.mdd.validate 43 | - name: Push Data 44 | run: ansible-playbook ciscops.mdd.update -e dry_run=no 45 | - name: Sleep to let the network settle 46 | run: sleep 60s 47 | shell: bash 48 | - name: Check State 49 | run: ansible-playbook ciscops.mdd.check 50 | -------------------------------------------------------------------------------- /.github/workflows/cd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: CD 3 | on: 4 | workflow_dispatch: 5 | push: 6 | branches: 7 | - main 8 | paths: 9 | - 'mdd-data/**.yml' 10 | - 'mdd-data/**.yaml' 11 | 12 | env: 13 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 14 | CML_LAB: ${{ secrets.CML_LAB }} 15 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 16 | CML_HOST: ${{ secrets.CML_HOST }} 17 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 18 | 19 | jobs: 20 | deploy: 21 | runs-on: self-hosted 22 | environment: mdd-dev 23 | concurrency: mdd-dev 24 | container: 25 | image: ghcr.io/model-driven-devops/mdd:latest 26 | steps: 27 | - name: Checkout Inventory 28 | uses: actions/checkout@v2 29 | - name: Update Devices 30 | run: ansible-playbook ciscops.mdd.nso_update_devices 31 | - name: Deploy Changes 32 | run: ansible-playbook ciscops.mdd.update -e dry_run=no 33 | - name: Run Checks 34 | run: ansible-playbook ciscops.mdd.check 35 | -------------------------------------------------------------------------------- /.github/workflows/check.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Check 3 | on: 4 | workflow_dispatch: 5 | inputs: 6 | limit: 7 | description: 'Limit Hosts' 8 | type: string 9 | required: false 10 | default: 'all' 11 | 12 | env: 13 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 14 | CML_LAB: ${{ secrets.CML_LAB }} 15 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 16 | CML_HOST: ${{ secrets.CML_HOST }} 17 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 18 | ANSIBLE_PYTHON_INTERPRETER: /usr/local/bin/python 19 | 20 | jobs: 21 | check: 22 | runs-on: self-hosted 23 | environment: mdd-dev 24 | container: 25 | image: ghcr.io/model-driven-devops/mdd:latest 26 | steps: 27 | - name: Checkout Inventory 28 | uses: actions/checkout@v2 29 | - name: Check 30 | run: ansible-playbook ciscops.mdd.check --limit=${{ inputs.limit }} 31 | -------------------------------------------------------------------------------- /.github/workflows/ci.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: CI 3 | on: 4 | workflow_dispatch: 5 | pull_request: 6 | branches: 7 | - main 8 | paths: 9 | - 'mdd-data/**.yml' 10 | - 'mdd-data/**.yaml' 11 | - 'requirements.txt' 12 | - 'requirements.yml' 13 | 14 | env: 15 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 16 | CML_LAB: ${{ secrets.CML_LAB }} 17 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 18 | CML_HOST: ${{ secrets.CML_HOST }} 19 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 20 | 21 | jobs: 22 | test: 23 | runs-on: self-hosted 24 | environment: mdd-dev 25 | concurrency: mdd-dev 26 | container: 27 | image: ghcr.io/model-driven-devops/ansible-mdd/mdd:1.2.10 28 | steps: 29 | - name: Checkout Inventory 30 | uses: actions/checkout@v2 31 | - name: Install Python Requirements 32 | run: pip install -r requirements.txt 33 | - name: Install Ansible Collections 34 | run: ansible-galaxy collection install -r requirements.yml 35 | - name: Run YAMLLINT 36 | run: yamllint mdd-data 37 | - name: Save Rollback 38 | run: ansible-playbook ciscops.mdd.nso_save_rollback 39 | - name: Validate Data 40 | run: ansible-playbook ciscops.mdd.validate 41 | - name: Update Devices 42 | run: ansible-playbook ciscops.mdd.nso_update_devices 43 | - name: Deploy Changes 44 | run: ansible-playbook ciscops.mdd.update -e dry_run=no 45 | - name: Run Checks 46 | run: ansible-playbook ciscops.mdd.check 47 | - name: Load Rollback 48 | run: ansible-playbook ciscops.mdd.nso_load_rollback 49 | -------------------------------------------------------------------------------- /.github/workflows/nso_check_sync.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Check Sync 3 | on: 4 | workflow_dispatch: 5 | 6 | env: 7 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 8 | CML_LAB: ${{ secrets.CML_LAB }} 9 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 10 | CML_HOST: ${{ secrets.CML_HOST }} 11 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 12 | ANSIBLE_PYTHON_INTERPRETER: /usr/local/bin/python 13 | 14 | jobs: 15 | check_sync: 16 | runs-on: self-hosted 17 | environment: mdd-dev 18 | container: 19 | image: ghcr.io/model-driven-devops/mdd:latest 20 | steps: 21 | - name: Checkout Inventory 22 | uses: actions/checkout@v2 23 | - name: NSO Check Sync 24 | run: ansible-playbook ciscops.mdd.nso_check_sync -------------------------------------------------------------------------------- /.github/workflows/nso_update_packages.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: NSO Update Packages 3 | on: 4 | workflow_dispatch: 5 | 6 | env: 7 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 8 | CML_LAB: ${{ secrets.CML_LAB }} 9 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 10 | CML_HOST: ${{ secrets.CML_HOST }} 11 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 12 | ANSIBLE_PYTHON_INTERPRETER: /usr/local/bin/python 13 | 14 | jobs: 15 | nso_update_packages: 16 | runs-on: self-hosted 17 | environment: mdd-dev 18 | container: 19 | image: ghcr.io/model-driven-devops/mdd:latest 20 | steps: 21 | - name: Checkout Inventory 22 | uses: actions/checkout@v2 23 | - name: NSO Check Sync 24 | run: ansible-playbook ciscops.mdd.nso_update_packages -------------------------------------------------------------------------------- /.github/workflows/show.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Show 3 | on: 4 | workflow_dispatch: 5 | inputs: 6 | limit: 7 | description: 'Limit Hosts' 8 | type: string 9 | required: false 10 | default: 'all' 11 | 12 | # env: 13 | # ANSIBLE_PYTHON_INTERPRETER: /usr/local/bin/python 14 | 15 | jobs: 16 | show: 17 | runs-on: ubuntu-20.04 18 | container: 19 | image: ghcr.io/model-driven-devops/mdd:latest 20 | steps: 21 | - name: Checkout Inventory 22 | uses: actions/checkout@v2 23 | - name: Show 24 | run: ansible-playbook ciscops.mdd.show --limit=${{ inputs.limit }} 25 | -------------------------------------------------------------------------------- /.github/workflows/validate.yml: -------------------------------------------------------------------------------- 1 | --- 2 | name: Validate 3 | on: 4 | workflow_dispatch: 5 | inputs: 6 | limit: 7 | description: 'Limit Hosts' 8 | type: string 9 | required: false 10 | default: 'all' 11 | 12 | env: 13 | CML_PASSWORD: ${{ secrets.CML_PASSWORD }} 14 | CML_LAB: ${{ secrets.CML_LAB }} 15 | CML_USERNAME: ${{ secrets.CML_USERNAME }} 16 | CML_HOST: ${{ secrets.CML_HOST }} 17 | CML_VERIFY_CERT: ${{ secrets.CML_VERIFY_CERT }} 18 | ANSIBLE_PYTHON_INTERPRETER: /usr/local/bin/python 19 | 20 | jobs: 21 | validate: 22 | runs-on: self-hosted 23 | environment: mdd-dev 24 | container: 25 | image: ghcr.io/model-driven-devops/mdd:latest 26 | steps: 27 | - name: Checkout Inventory 28 | uses: actions/checkout@v2 29 | - name: Check 30 | run: ansible-playbook ciscops.mdd.validate --limit=${{ inputs.limit }} 31 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | venv*/ 2 | ansible_collections/ 3 | .virl/ 4 | .virlrc 5 | *.pyc 6 | *.retry 7 | *.signed.bin 8 | .cache/ 9 | collections/ 10 | envvars 11 | config.yaml 12 | labs.yaml 13 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | stages: 2 | - clean 3 | - build-cml 4 | - build-nso 5 | - init-nso 6 | - save-rollback 7 | - validate 8 | - update 9 | - check 10 | - load-rollback 11 | 12 | image: ghcr.io/model-driven-devops/mdd:latest 13 | 14 | variables: 15 | ANSIBLE_CONFIG: "./ansible.cfg" 16 | CML_VERIFY_CERT: "false" 17 | NSO_INSTALL: "true" 18 | 19 | clean: 20 | stage: clean 21 | script: 22 | - ansible-playbook cisco.cml.clean 23 | resource_group: mdd 24 | rules: 25 | - if: $CLEAN == "true" 26 | 27 | build-cml: 28 | stage: build-cml 29 | script: 30 | - ansible-playbook cisco.cml.build -e startup='host' -e wait='yes' -e retries=100 31 | resource_group: mdd 32 | rules: 33 | - if: $CLEAN == "true" 34 | 35 | build-nso: 36 | stage: build-nso 37 | script: 38 | - ansible-playbook ciscops.mdd.nso_install 39 | - ansible-playbook ciscops.mdd.nso_update_packages 40 | - ansible-playbook ciscops.mdd.nso_init 41 | - ansible-playbook ciscops.mdd.nso_update_devices 42 | resource_group: mdd 43 | rules: 44 | - if: $CLEAN == "true" && $NSO_INSTALL == "true" 45 | 46 | init-nso: 47 | stage: init-nso 48 | script: 49 | - ansible-playbook ciscops.mdd.nso_init 50 | - ansible-playbook ciscops.mdd.nso_delete_devices 51 | - ansible-playbook ciscops.mdd.nso_update_devices 52 | - ansible-playbook ciscops.mdd.update -e dry_run=no 53 | resource_group: mdd 54 | rules: 55 | - if: $NSO_INIT == "true" 56 | 57 | save-rollback: 58 | stage: save-rollback 59 | script: 60 | - ansible-playbook ciscops.mdd.nso_save_rollback 61 | resource_group: mdd 62 | artifacts: 63 | paths: 64 | - rollback.yaml 65 | expire_in: 1 hour 66 | rules: 67 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 68 | 69 | validate: 70 | stage: validate 71 | script: 72 | - yamllint mdd-data 73 | - ansible-playbook ciscops.mdd.validate 74 | resource_group: mdd 75 | rules: 76 | - if: $CI_PIPELINE_SOURCE == "web" 77 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 78 | - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main" 79 | - if: $CI_PIPELINE_SOURCE == "api" 80 | 81 | update: 82 | stage: update 83 | script: 84 | # update devices in case DHCP address changed 85 | # - ansible-playbook ciscops.mdd.nso_update_devices 86 | - ansible-playbook ciscops.mdd.update -e dry_run=no 87 | resource_group: mdd 88 | rules: 89 | - if: $CI_PIPELINE_SOURCE == "web" 90 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 91 | - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main" 92 | - if: $CI_PIPELINE_SOURCE == "api" 93 | 94 | check: 95 | stage: check 96 | script: 97 | # allow network to converge before running checks 98 | - sleep 60 99 | - ansible-playbook ciscops.mdd.check 100 | resource_group: mdd 101 | rules: 102 | - if: $CI_PIPELINE_SOURCE == "web" 103 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 104 | - if: $CI_PIPELINE_SOURCE == "push" && $CI_COMMIT_BRANCH == "main" 105 | - if: $CI_PIPELINE_SOURCE == "api" 106 | 107 | load-rollback: 108 | stage: load-rollback 109 | script: 110 | # update devices in case DHCP address changed 111 | # - ansible-playbook ciscops.mdd.nso_update_devices 112 | - ansible-playbook ciscops.mdd.nso_load_rollback 113 | resource_group: mdd 114 | rules: 115 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 116 | when: always -------------------------------------------------------------------------------- /.yamllint.yml: -------------------------------------------------------------------------------- 1 | # -*- mode: yaml -*- 2 | # vim:ts=2:sw=2:ai:si:syntax=yaml 3 | # 4 | # yamllint configuration directives 5 | # Project Homepage: https://github.com/adrienverge/yamllint 6 | # 7 | # Overriding rules in files: 8 | # http://yamllint.readthedocs.io/en/latest/disable_with_comments.html 9 | --- 10 | extends: default 11 | 12 | # Rules documentation: http://yamllint.readthedocs.io/en/latest/rules.html 13 | rules: 14 | 15 | braces: 16 | # Defaults 17 | # min-spaces-inside: 0 18 | # max-spaces-inside: 0 19 | 20 | # Keeping 0 min-spaces to not error on empty collection definitions 21 | min-spaces-inside: 0 22 | # Allowing one space inside braces to improve code readability 23 | max-spaces-inside: 1 24 | 25 | brackets: 26 | # Defaults 27 | # min-spaces-inside: 0 28 | # max-spaces-inside: 0 29 | 30 | # Keeping 0 min-spaces to not error on empty collection definitions 31 | min-spaces-inside: 0 32 | # Allowing one space inside braces to improve code readability 33 | max-spaces-inside: 1 34 | 35 | comments: 36 | # Defaults 37 | # level: warning 38 | # require-starting-space: true 39 | # min-spaces-from-content: 2 40 | 41 | # Disabling to allow for code comment blocks and #!/usr/bin/ansible-playbook 42 | require-starting-space: false 43 | 44 | indentation: 45 | # Defaults 46 | # spaces: consistent 47 | # indent-sequences: true 48 | # check-multi-line-strings: false 49 | 50 | # Requiring 2 space indentation 51 | spaces: 2 52 | # Requiring consistent indentation within a file, either indented or not 53 | indent-sequences: consistent 54 | 55 | # Disabling due to copious amounts of long lines in the code which would 56 | # require a code style change to resolve 57 | line-length: disable 58 | # Defaults 59 | # max: 80 60 | # allow-non-breakable-words: true 61 | # allow-non-breakable-inline-mappings: false 62 | 63 | # Disabling due to copious amounts of truthy warnings in the code which would 64 | # require a code style change to resolve 65 | truthy: disable 66 | # Defaults 67 | # level: warning 68 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM --platform=linux/amd64 ubuntu:22.04 2 | 3 | ARG build_date=unspecified 4 | 5 | # workspace location 6 | ARG WORKSPACE 7 | ENV WORKSPACE ${WORKSPACE:-/ansible} 8 | ENV ANSIBLE_COLLECTIONS_PATH / 9 | 10 | 11 | # LABEL org.opencontainers.image.title="MDD" \ 12 | # org.opencontainers.image.description="Model-Driven DevOps" \ 13 | # org.opencontainers.image.vendor="MDD" \ 14 | # org.opencontainers.image.created="${build_date}" \ 15 | # org.opencontainers.image.url="https://github.com/model-driven-devops/mdd" 16 | 17 | COPY requirements.txt /tmp/requirements.txt 18 | COPY requirements.yml /tmp/requirements.yml 19 | USER root 20 | RUN mkdir /root/.ssh && bash -c 'echo -e "Host *\n KexAlgorithms +diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1" > /root/.ssh/config' 21 | RUN mkdir /ansible_collections && chmod 777 /ansible_collections 22 | RUN apt-get update && \ 23 | apt-get install -y python3.10 python3-pip sshpass git && \ 24 | pip3 install --upgrade --no-cache-dir setuptools pip && \ 25 | echo "===> Installing PIP Requirements <===" && \ 26 | pip3 install --no-cache -r /tmp/requirements.txt && \ 27 | echo "===> Installing Ansible Collections <===" && \ 28 | rm -rf /var/lib/apt/lists/* && \ 29 | ansible-galaxy collection install -r /tmp/requirements.yml 30 | 31 | ENV ANSIBLE_HOST_KEY_CHECKING=false \ 32 | ANSIBLE_RETRY_FILES_ENABLED=false \ 33 | ANSIBLE_SSH_PIPELINING=true 34 | 35 | WORKDIR ${WORKSPACE} -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Model-Driven DevOps 2 | 3 | 4 | 5 | This is the companion repository for the book ["Model-Driven DevOps: Increasing agility and security in your physical network through DevOps"](https://www.informit.com/store/model-driven-devops-increasing-agility-and-security-9780137644674) 6 | ([Amazon](https://www.amazon.com/Model-driven-Devops-Increasing-Security-Physical/dp/0137644671/ref=sr_1_1?crid=1X8MTIAXRKLMI&keywords=model-driven+devops&qid=1650992113&sprefix=model-driven+devop%2Caps%2C202&sr=8-1)). It presents the code and a set 7 | of exercises that implements and demonstrates the concepts in the book. In this repo, you are encouraged to use and contribute to 8 | the code, submit [issues](https://github.com/model-driven-devops/mdd/issues) for problems and feature requests, and start/participate in 9 | [discussions](https://github.com/model-driven-devops/mdd/discussions). 10 | 11 | ## What is Model-Driven DevOps? 12 | 13 | Model-Driven Devops (MDD) is an IaC approach to automating physical infrastructure that focuses on data organization and movement into the network in a way that seeks to treat the network the same as other parts of the infrastructure. It focuses on using industry standard tools and DevOps methodologies implemented as a CI/CD pipeline to break down silos between network operations and the rest of the infrastructure. For example, this is a common flow in Cloud Operations: 14 | 15 | ![Cloud Ops Flow](exercises/cloud_ops_flow.png?raw=true "Cloud Ops Flow") 16 | 17 | Key to this flow is that all the data (Source of Truth) needed to configure the infrastructure is in the data file (CFT Template). Also, this is not a programmatic approach. If you want to configure something different, you add data to the Source of Truth as opposed to writing another Ansible playbook or Python script. We firmly believe that most network operators should not need to become programmers; however, they will have to learn a new skillset including APIs, data models, and data manipulation. 18 | 19 | When fully implemented, MDD requires a similar skillset to cloud operations. That is, when a network operator wants to configure, validate, or test something new, they just need to know how to add data to the Source of Truth and manipulate schemas. Furthermore, MDD can fit into existing CI/CD pipelines as opposed to needing to operate the network infrastructure differently. This allows for a de-siloization of IT making it possible to leverage developers and DevOps Engineers across application development, cloud operations, and network operations. This is because the MDD pipeline looks the same as any other code (or IaC) pipeline: 20 | 21 | ![MDD Branch Flow](exercises/mdd_branching.png?raw=true "MDD Branch Flow") 22 | 23 | This workflow allows for a group of network engineers and network operators to collaborate on a change, test that change, get approvals, then push that change into the production network. MDD's testing methodologies include linting the configuration data for typos, validating the configuration data for anything that would violate organization norms or create vulnerabilities, and then testing the result of that change in a network before deployment: 24 | 25 | ![MDD CI Flow](exercises/mdd_ci_flow.png?raw=true "MDD CI Flow") 26 | 27 | The goal is to find a bad configuration before it is pushed into the network. 28 | 29 | ## MDD Reference implementation 30 | 31 | This is the reference implementation for Model-Driven Devops as outlined in the book. While the book captures the reference implementation at a moment in time, the code in this repo will evolve while holding true to the core concepts presented in the book. 32 | 33 | ### Topology 34 | 35 | ![MDD Reference Topology](exercises/mdd_topo.png?raw=true "MDD Reference Topology") 36 | 37 | ### Exercises 38 | 39 | These exercises are provided to help get hands-on experience with the reference implementation. The book goes into depth on the individual steps as well as the core concepts behind them. 40 | 41 | > Note: the exercises below are intended for you to execute in your own environment and require CML and access to NSO software. If you would like to try out MDD in a DevNet sandbox, the exercises have been adapted and extended to work in the DevNet NSO sandbox. The DevNet NSO sandbox includes CML, NSO, GitLab and NetBox. The updated exercises can be found in the [mdd-workshop](https://github.com/model-driven-devops/mdd-workshop) repo. 42 | 43 | * [Initial Setup](exercises/initial-setup.md) 44 | * [Deploying the Topology](exercises/deploy-topology.md) 45 | * [Exploring the Inventory](exercises/explore-inventory.md) 46 | * [Exploring the Data](exercises/explore-data.md) 47 | * [Exercising the Runner](exercises/explore-runner.md) 48 | * [Data Validation](exercises/data-validation.md) 49 | * [Pushing the Data](exercises/push-data.md) 50 | * [State Checking](exercises/check-state.md) 51 | -------------------------------------------------------------------------------- /ansible.cfg: -------------------------------------------------------------------------------- 1 | [defaults] 2 | host_key_checking = False 3 | inventory = ./inventory 4 | interpreter_python = auto_silent 5 | display_skipped_hosts = false 6 | 7 | [persistent_connection] 8 | connect_timeout = 60 9 | command_timeout = 60 10 | -------------------------------------------------------------------------------- /envvars: -------------------------------------------------------------------------------- 1 | export ANSIBLE_COLLECTIONS_PATH=./ 2 | export ANSIBLE_PYTHON_INTERPRETER=${VIRTUAL_ENV}/bin/python 3 | export CML_HOST=YOUR_CML_HOST 4 | export CML_USERNAME=YOUR_CML_USERNAME 5 | export CML_PASSWORD=YOUR_CML_PASSWORD 6 | export CML_LAB=YOUR_CML_LAB 7 | export CML_VERIFY_CERT=false 8 | -------------------------------------------------------------------------------- /exercises/MDD-Book-Cover.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/MDD-Book-Cover.png -------------------------------------------------------------------------------- /exercises/cloud_ops_flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/cloud_ops_flow.png -------------------------------------------------------------------------------- /exercises/data-validation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/data-validation.png -------------------------------------------------------------------------------- /exercises/deploy-topology.md: -------------------------------------------------------------------------------- 1 | # Deploying the Topology 2 | 3 | ## Dependencies 4 | 5 | See [Initial Setup](initial-setup.md) 6 | 7 | ## Topology 8 | 9 | ![MDD Reference Topology](mdd_topo.png?raw=true "MDD Reference Topology") 10 | 11 | ## Environment Variables 12 | 13 | * `CML_HOST`: The hostname of the CML server 14 | * `CML_USERNAME`: The username of the CM user. 15 | * `CML_PASSWORD`: The password of the CML user. 16 | * `CML_LAB`: The name of the lab 17 | * `CML_VERIFY_CERT`: Whether to verify SSL Certificates 18 | 19 | ## Ansible Variables 20 | 21 | * `cml_lab_file`: The CML topology file to deploy (defined in `inventory/group_vars/all/cml.yml`) 22 | * `nso_installer_file`: URL to the NSO installer file 23 | * `nso_ned_files`: List of URLs to the NSO NED files 24 | 25 | ## Procedure 26 | 27 | ### CML 28 | 29 | #### Build the CML Topology 30 | 31 | * Create the topology 32 | 33 | ``` 34 | ansible-playbook cisco.cml.build -e startup='host' -e wait='yes' 35 | ``` 36 | 37 | #### Cleaning the CML Topology (optional) 38 | 39 | * Stop each node and delete the topology 40 | 41 | ``` 42 | ansible-playbook cisco.cml.clean 43 | ``` 44 | 45 | #### Getting Inventory (optional) 46 | 47 | * Display the current inventory of CML devices 48 | 49 | ``` 50 | ansible-playbook cisco.cml.inventory 51 | ``` 52 | 53 | ### NSO 54 | 55 | #### Install NSO Software 56 | 57 | * Install NSO in server mode 58 | 59 | ``` 60 | ansible-playbook ciscops.mdd.nso_install 61 | ``` 62 | 63 | #### Installing NSO Packages 64 | 65 | * Install NSO MDD Packages 66 | 67 | ``` 68 | ansible-playbook ciscops.mdd.nso_update_packages 69 | ``` 70 | 71 | #### Inititalize NSO 72 | 73 | * Add default Auth Group 74 | 75 | ``` 76 | ansible-playbook ciscops.mdd.nso_init 77 | ``` 78 | 79 | #### Adding CML Devices to NSO 80 | 81 | * Add devices from inventory into NSO 82 | 83 | ``` 84 | ansible-playbook ciscops.mdd.nso_update_devices 85 | ``` 86 | 87 | >Note: Can be run with `--limit=` to limit the scope of the playbook 88 | 89 | #### Update NSO config from device (optional) 90 | 91 | * Re-sync configuration from the device 92 | 93 | ``` 94 | ansible-playbook ciscops.mdd.nso_sync_from 95 | ``` 96 | 97 | >Note: Can be run with `--limit=` to limit the scope of the playbook 98 | 99 | #### Update device config from NSO (optional) 100 | 101 | * Re-sync configuration to the device 102 | 103 | ``` 104 | ansible-playbook ciscops.mdd.nso_sync_to 105 | ``` 106 | 107 | >Note: Can be run with `--limit=` to limit the scope of the playbook 108 | 109 | 110 | #### Check to make sure device is in sync with NSO (optional) 111 | 112 | * Re-sync configuration from the device 113 | 114 | ``` 115 | ansible-playbook ciscops.mdd.nso_check_sync 116 | ``` 117 | 118 | >Note: Can be run with `--limit=` to limit the scope of the playbook -------------------------------------------------------------------------------- /exercises/explore-data.md: -------------------------------------------------------------------------------- 1 | # MDD: Exploring the Data 2 | Although we also leverage the Ansible inventory, we use a separate role called `ciscops.mdd.data` to construct the data needed to configure devices. This is because the large about of data necessary to configure modern networks would be difficult to manage with the way the Ansible inventory system works. This method allows the tool to read just the data that is needed into the device's context and for that data to be organized in a deterministic hierarchy. 3 | 4 | In order to make it easy to leverage, the role can be called in the roles sections of the playbook. For example, here is a simple playbook (`ciscops.mdd.show`) that displays the data constructed for a particular device: 5 | 6 | ``` 7 | - hosts: network 8 | connection: local 9 | gather_facts: no 10 | roles: 11 | - ciscops.mdd.data 12 | tasks: 13 | - debug: 14 | var: mdd_data 15 | ``` 16 | 17 | Notice that the invocation of the `ciscops.mdd.data` creates the `mdd_data` data structure that contains the device's configuration data that can be used later in the playbook. 18 | 19 | We use a separate directory hierarchy to hold the MDD data named `mdd-data` (this can be changed in the defaults). The data is laid out in the directory as follows: 20 | 21 | ``` 22 | mdd-data 23 | └── org 24 | ├── region1 25 | │   ├── hq 26 | │   │   ├── hq-rtr1 27 | │   │   ├── hq-rtr2 28 | │   │   ├── hq-sw1 29 | │   │   └── hq-sw2 30 | │   └── site1 31 | │   ├── site1-rtr1 32 | │   └── site1-sw1 33 | └── region2 34 | └── site2 35 | ├── site2-rtr1 36 | └── site2-sw1 37 | ``` 38 | 39 | This aligns with the way that the devices are organized in the Ansible inventory: 40 | 41 | ``` 42 | @all: 43 | |--@org: 44 | | |--@region1: 45 | | | |--@hq: 46 | | | | |--hq-rtr1 47 | | | | |--hq-rtr2 48 | | | | |--hq-sw1 49 | | | | |--hq-sw2 50 | | | |--@site1: 51 | | | | |--site1-rtr1 52 | | | | |--site1-sw1 53 | | |--@region2: 54 | | | |--@site2: 55 | | | | |--site2-rtr1 56 | | | | |--site2-sw1 57 | ``` 58 | 59 | Data at the deeper levels of the tree (closer to the device) take precedence over data closer to the root of the tree. Each of the files in the hierarchy are named by for the purpose and content. For OpenConfig data, the filenames begin with `oc-`, but this is configurable. For example, the file `mdd-data/org/oc-ntp.yml` contains the organization level NTP configuration: 60 | 61 | ``` 62 | --- 63 | mdd_data: 64 | openconfig-system:system: 65 | openconfig-system:clock: 66 | config: 67 | timezone-name: 'PST -8 0' 68 | openconfig-system:ntp: 69 | config: 70 | enabled: true 71 | servers: 72 | server: 73 | - address: '1.us.pool.ntp.org' 74 | config: 75 | address: '1.us.pool.ntp.org' 76 | association-type: SERVER 77 | iburst: true 78 | - address: '2.us.pool.ntp.org' 79 | config: 80 | address: '2.us.pool.ntp.org' 81 | association-type: SERVER 82 | iburst: true 83 | ``` 84 | 85 | The OpenConfig data is collected under the `mdd_data` key. While this file just includes the OC data to define NTP, it will later be combined with the rest of the OC data to create the full data payload. Since this data is at the root of the hierarchy, it can be overridden by anything else closer to the device. If we want to set `timezone-name` to something specific to a particular region, we can override it at the region level. For example, `mdd-data/org/region2/oc-ntp.yml` could contain: 86 | 87 | ``` 88 | --- 89 | mdd_data: 90 | openconfig-system:system: 91 | openconfig-system:clock: 92 | config: 93 | timezone-name: 'EST -5 0' 94 | ``` 95 | 96 | This file only contains the data needed to override specific values and the approriate structure to place it in context of the overall data model. 97 | 98 | To see the effect this has on the data, run the following: 99 | 100 | ``` 101 | ansible-playbook ciscops.mdd.show --limit=site1-rtr1 102 | ``` 103 | 104 | And compare to: 105 | 106 | ``` 107 | ansible-playbook ciscops.mdd.show --limit=site2-rtr1 108 | ``` 109 | 110 | In particular, note the timezone set for `site1-rtr1`: 111 | ``` 112 | "openconfig-system:clock": { 113 | "config": { 114 | "timezone-name": "PST -8 0" 115 | } 116 | }, 117 | ``` 118 | 119 | Compared to the timezone set for `site2-rtr1`: 120 | ``` 121 | "openconfig-system:clock": { 122 | "config": { 123 | "timezone-name": "EST -5 0" 124 | } 125 | }, 126 | ``` 127 | 128 | It matches the "patch" that we made to the data for region2. 129 | 130 | This is all done witha the custom filter `ciscops.mdd.mdd_combine` that is built off of the Ansible built-in `combine` filter. Using specific knowledge of the YANG data model, `ciscops.mdd.mdd_combine` is able to do context-aware patching of the data such that the intent of the patch is preserved in the resultant data model. It is invoked in the same way as the `combine` filter: 131 | 132 | ``` 133 | - name: Combine the MDD Data 134 | set_fact: 135 | mdd_data: "{{ mdd_data_list | ciscops.mdd.mdd_combine(recursive=True) }}" 136 | ``` 137 | 138 | This invocation of the `ciscops.mdd.mdd_combine` filter takes the default data and a list of patches and combines it recursively to produce one data structure where the patches later in the list take precedence over the data earlier in the list. 139 | -------------------------------------------------------------------------------- /exercises/explore-runner.md: -------------------------------------------------------------------------------- 1 | # MDD: Exploring the Runner 2 | 3 | A runner is used to execute a sequence of operations that achieve and overall task or workflow. The MDD reference implementation uses [Github Actions](https://github.com/features/actions) as a runner for its CI/CD pipeline because it is integrated into the GitHub platform. An Enterprise might choose other runners such as GitLab CI or Jenkins. Since most runners operate fundamentally the same way, moving between runners is not difficult. This reference implementation uses the same runner for both CI and CD. This is by design since the only way to completely test the CD tooling is to use it for CI. A feature of GitHub Actions that is also found in most other runners is the ability to start a workflow through an API. This allows for higher-level applications such as ITSMs to start CI and CD workflows in order to fulfill a customer request. 4 | 5 | As an example of a runner, let's consider a simple one that runs a command from a previous exercise: 6 | 7 | 8 | ``` 9 | --- 10 | name: Show 11 | on: 12 | workflow_dispatch: 13 | inputs: 14 | limit: 15 | description: 'Limit Hosts' 16 | type: string 17 | required: false 18 | default: 'all' 19 | 20 | jobs: 21 | show: 22 | runs-on: ubuntu-20.04 23 | container: 24 | image: ghcr.io/model-driven-devops/mdd:latest 25 | steps: 26 | - name: Checkout Inventory 27 | uses: actions/checkout@v2 28 | - name: Show 29 | run: ansible-playbook ciscops.mdd.show --limit=${{ inputs.limit }} 30 | ``` 31 | 32 | This Github Actions checks out the repo and then runs the playbook `ciscops.mdd.show`. The `on:` section defines this as an on-demand action (as opposed to being tied to another action or timed running) that can take input. In this case, it can take in a list of hosts to limit the running of the playbook against that subset of hosts. In the `jobs:` section, the type of node and the container in which to run the commands is defined. By using a container, we can make sure that all of the tooling and its dependencies are available. Finally, each individual command is specified under `steps:`. When run, the action simply executes each of these commands in order. More information can be found in the [GitHub Action documentation](https://docs.github.com/en/actions). 33 | 34 | In order to put this action into service, it is saved as `.github/workflows/show.yml` in the repository. After this file is checked into the repo, the action will show under the Actions tab (assuming that you have Actions enabled): 35 | 36 | ![Workflow List](workflow-list.png?raw=true "Workflow List") 37 | 38 | In order to run the workflow, pick the `Show` workflow from this list, select the branch, and modify `Limit Hosts` to suit intent: 39 | 40 | ![Run Workflow](run-workflow.png?raw=true "Run Workflow") 41 | 42 | Afterwards, you should be able to click on the workflow job and get the output: 43 | 44 | ![Workflow Output](workflow-output.png?raw=true "Workflow Output") 45 | 46 | -------------------------------------------------------------------------------- /exercises/initial-setup.md: -------------------------------------------------------------------------------- 1 | # Initial Setup 2 | 3 | There are three ways to run the tooling in this repo: 4 | 1) Locally in the native OS 5 | 2) Using a container on top of your native OS 6 | 3) Using GitHub actions from a fork of the repo (covered later) 7 | 8 | ## Cloning the repo for local execution 9 | ### Clone the repo 10 | 11 | First, clone and enter the repo: 12 | ``` 13 | git clone https://github.com/model-driven-devops/mdd.git 14 | cd mdd 15 | ``` 16 | 17 | ## Dependencies 18 | 19 | * Environmental Variables 20 | * Docker (if running in a docker container) 21 | 22 | ### Environmental Variables 23 | The MDD tooling requires several environment variables. The first one required for 24 | base execution is: 25 | ``` 26 | export ANSIBLE_PYTHON_INTERPRETER=${VIRTUAL_ENV}/bin/python 27 | ``` 28 | 29 | You can define this variable from the `envars` file: 30 | 31 | ``` 32 | . ./envvars 33 | ``` 34 | 35 | ### Docker 36 | 37 | ## Running Locally in the Native OS 38 | ### Python Dependencies 39 | Next, it is highly recommended that you create a virtual environment to make it easier to 40 | install the dependencies without conflict: 41 | 42 | ``` 43 | python3 -m venv venv-mdd 44 | . ./venv-mdd/bin/activate 45 | ``` 46 | 47 | Next, install the Python requirements via pip: 48 | ``` 49 | pip3 install -r requirements.txt 50 | ``` 51 | ### Reactivate Virtual Environment 52 | Reactivate virtual environment to ensure your shell is using the newly installed ansible. 53 | ``` 54 | deactivate 55 | ``` 56 | ``` 57 | . ./venv-mdd/bin/activate 58 | ``` 59 | ### Ansible Collections 60 | The MDD tooling is distributed via an Ansible Collection. To install the tooling and it's 61 | Ansible dependencies, use ansible-galaxy: 62 | 63 | ``` 64 | ansible-galaxy collection install -r requirements.yml 65 | ``` 66 | > Note: If you want to develop a collection, you need to set `ANSIBLE_COLLECTIONS_PATH` (or set in ansible.cfg) 67 | before installing the requirements above to tell Ansible to look locally for collections, comment out the collection 68 | in requirements.yml, and clone the collection repo directly, e.g. 69 | ``` 70 | export ANSIBLE_COLLECTIONS_PATH=./ 71 | cd ansible_collections 72 | mkdir ciscops 73 | cd ciscops 74 | git clone https://github.com/model-driven-devops/ansible-mdd mdd 75 | ``` 76 | 77 | ## Running in a Container on top of your native OS 78 | If you are running the tools from a CI runner like GitHib Actions, you'll need to consult that CI runner's 79 | documentation for how to run tooling from a container. Examples of how to run the tooling from a 80 | container in GitHib actions can be found in `.github/workflows` in this repo. 81 | 82 | *** Need to put more verbiage on running in the container (e.g. Where does it get the tooling, where does it get the data) 83 | 84 | If you are running the tooling locally instide a container, you can use the provided shell script 85 | `play.sh`. To use it, replace `ansible-playbook` with `./play.sh` as follows: 86 | 87 | ``` 88 | ./play.sh ciscops.mdd.show --limit=hq-rtr1 89 | ``` 90 | 91 | > Note: The same applies as above to developing running in the container. 92 | 93 | ## Testing 94 | At this point, you should be able to show the config data for the hosts in the inventory. 95 | To show the config data for `hq-rtr1`, run: 96 | ``` 97 | ansible-playbook ciscops.mdd.show --limit=hq-rtr1 98 | ``` -------------------------------------------------------------------------------- /exercises/mdd_branching.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/mdd_branching.png -------------------------------------------------------------------------------- /exercises/mdd_ci_flow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/mdd_ci_flow.png -------------------------------------------------------------------------------- /exercises/mdd_topo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/mdd_topo.png -------------------------------------------------------------------------------- /exercises/overview-check-state.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/overview-check-state.png -------------------------------------------------------------------------------- /exercises/overview-data-validation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/overview-data-validation.png -------------------------------------------------------------------------------- /exercises/overview-push-data.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/overview-push-data.png -------------------------------------------------------------------------------- /exercises/run-workflow.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/run-workflow.png -------------------------------------------------------------------------------- /exercises/workflow-list.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/workflow-list.png -------------------------------------------------------------------------------- /exercises/workflow-output.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/exercises/workflow-output.png -------------------------------------------------------------------------------- /extras/create-gitlab-project.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Uncomment the following and define proper values (or specify as environment variables) 4 | 5 | # GITLAB_HOST=https://gitlab.example.com 6 | # GITLAB_USER=foo 7 | # GITLAB_API_TOKEN=abc123 8 | # GITLAB_PROJECT=model-driven-devops 9 | # CML_HOST=cml.example.com 10 | # CML_USERNAME=foo 11 | # CML_PASSWORD=bar 12 | # CML_LAB=model-driven-devops 13 | 14 | # Add new project 15 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects" --form "name=$GITLAB_PROJECT" 16 | 17 | # Add new vars 18 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=CML_HOST" --form "value=$CML_HOST" 19 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=CML_USERNAME" --form "value=$CML_USERNAME" 20 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=CML_PASSWORD" --form "value=$CML_PASSWORD" 21 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=CML_LAB" --form "value=$CML_LAB" 22 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=AWS_ACCESS_KEY_ID" --form "value=$AWS_ACCESS_KEY_ID" 23 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=AWS_SECRET_ACCESS_KEY" --form "value=$AWS_SECRET_ACCESS_KEY" 24 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=AWS_REGION" --form "value=$AWS_REGION" 25 | curl --request POST -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/variables" --form "key=AWS_BUCKET" --form "value=$AWS_BUCKET" 26 | -------------------------------------------------------------------------------- /extras/delete-gitlab-project.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Uncomment the following and define proper values (or specify as environment variables) 4 | 5 | # GITLAB_HOST=https://gitlab.example.com 6 | # GITLAB_USER=foo 7 | # GITLAB_API_TOKEN=abc123 8 | # GITLAB_PROJECT=model-driven-devops 9 | 10 | # Delete project 11 | curl --request DELETE -sSLk --header "PRIVATE-TOKEN: $GITLAB_API_TOKEN" "$GITLAB_HOST/api/v4/projects/$GITLAB_USER%2f$GITLAB_PROJECT/" 12 | -------------------------------------------------------------------------------- /files/virl2_client-2.4.0+build.2-py3-none-any.whl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/model-driven-devops/mdd/5ce119465ceaf012dee65dae7eb9949a9a784aba/files/virl2_client-2.4.0+build.2-py3-none-any.whl -------------------------------------------------------------------------------- /inventory/cml.yml: -------------------------------------------------------------------------------- 1 | --- 2 | plugin: cisco.cml.cml_inventory 3 | group_tags: nso, awx, netbox, network, ios, nxos 4 | -------------------------------------------------------------------------------- /inventory/group_vars/all/cml.yml: -------------------------------------------------------------------------------- 1 | cml_lab_file: "{{ lookup('env', 'PWD') }}/files/arch4_csr_pop.yaml.j2" 2 | cml_device_template: 3 | switch: 4 | node_definition: iosvl2 5 | ram: 768 6 | tags: 7 | - switch 8 | type: switch 9 | router: 10 | node_definition: csr1000v 11 | ram: 3072 12 | tags: 13 | - router 14 | type: router 15 | # Uncomment if setting use_cat9kv to True 16 | l3switch: 17 | node_definition: Cat9000v 18 | image_definition: Cat9kv-17.12.1 19 | ram: 18432 20 | cpus: 4 21 | tags: 22 | - l3switch 23 | type: l3switch 24 | # Uncomment if setting use_cat9kv to False 25 | # l3switch: 26 | # node_definition: iosvl2 27 | # ram: 768 28 | # tags: 29 | # - l3switch 30 | # type: l3switch 31 | ext_conn: 32 | node_definition: external_connector 33 | ram: 0 34 | tags: [] 35 | # Default interface mappings for CML, uncomment to add/modify 36 | # Note: any interfaces not handled here will be truncated when mapping physical to virtual 37 | # cml_default_mappings: 38 | # Loopback(\d+): Loopback\1 39 | # Vlan(\d+): Vlan\1 40 | -------------------------------------------------------------------------------- /inventory/group_vars/all/mdd.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # The root directory where the MDD Data is stored 3 | # mdd_data_root: "{{ lookup('env', 'PWD') }}/mdd-data" 4 | # The directory items that make up the direct path 5 | # from the highest level to the device specific level 6 | # mdd_dir_items: >- 7 | # {{ ((regions + sites) | intersect(group_names)) + 8 | # [ inventory_hostname ] }} 9 | # The data directory for the particular device 10 | # mdd_device_dir: >- 11 | # {{ mdd_data_root }}/{{ mdd_dir_items | join('/') }} 12 | # The file pattern for files that specify MDD Data 13 | # mdd_data_patterns: 14 | # - 'oc-*.yml' 15 | # - 'config-*.yml' 16 | # The data types that MDD will operate on 17 | mdd_data_types: 18 | - oc 19 | # - config 20 | # The file pattern for files that specify state checks 21 | mdd_check_patterns: 22 | - 'check-*.yml' 23 | # default file location for JSON schemas 24 | mdd_schema_root: "{{ lookup('env', 'PWD') }}/schemas" 25 | # The file pattern for files that specify data validation 26 | mdd_validate_patterns: 27 | - 'validate-*.yml' 28 | -------------------------------------------------------------------------------- /inventory/group_vars/hq.yml: -------------------------------------------------------------------------------- 1 | site_name: 'hq' -------------------------------------------------------------------------------- /inventory/group_vars/routers.yml: -------------------------------------------------------------------------------- 1 | cml_config_file: "{{ lookup('env', 'PWD') }}/templates/ios/bootstrap.j2" 2 | mgmt_interface: GigabitEthernet1 -------------------------------------------------------------------------------- /inventory/group_vars/site1.yml: -------------------------------------------------------------------------------- 1 | site_name: 'site1' -------------------------------------------------------------------------------- /inventory/group_vars/site2.yml: -------------------------------------------------------------------------------- 1 | site_name: 'site2' -------------------------------------------------------------------------------- /inventory/group_vars/switches.yml: -------------------------------------------------------------------------------- 1 | cml_config_file: "{{ lookup('env', 'PWD') }}/templates/ios/bootstrap.j2" 2 | mgmt_interface: GigabitEthernet0/0 -------------------------------------------------------------------------------- /inventory/network.yml: -------------------------------------------------------------------------------- 1 | all: 2 | vars: 3 | ansible_user: "{{ lookup('env', 'NSO_DEVICES_USERNAME') | default('admin', true) }}" 4 | ansible_password: "{{ lookup('env', 'NSO_DEVICES_PASSWORD') | default('admin', true) }}" 5 | ansible_network_os: ios 6 | netconf_template_os: ios 7 | sites: 8 | - hq 9 | - site1 10 | - site2 11 | regions: 12 | - org 13 | - region1 14 | - region2 15 | children: 16 | network: 17 | children: 18 | switches: 19 | hosts: 20 | hq-sw1: 21 | hq-sw2: 22 | site1-sw1: 23 | site2-sw1: 24 | routers: 25 | children: 26 | hq_routers: 27 | hosts: 28 | hq-rtr1: 29 | hq-rtr2: 30 | hq-pop: 31 | site_routers: 32 | hosts: 33 | site1-rtr1: 34 | site2-rtr1: 35 | WAN_routers: 36 | hosts: 37 | WAN-rtr1: 38 | org: 39 | children: 40 | region1: 41 | children: 42 | hq: 43 | hosts: 44 | hq-rtr1: 45 | tags: 46 | - hq_router 47 | - bgp 48 | - ospf 49 | hq-rtr2: 50 | tags: 51 | - hq_router 52 | - bgp 53 | - ospf 54 | hq-sw1: 55 | tags: 56 | - switch 57 | hq-sw2: 58 | tags: 59 | - switch 60 | hq-pop: 61 | tags: 62 | - hq_pop 63 | WAN-rtr1: 64 | tags: 65 | - WAN_router 66 | site1: 67 | hosts: 68 | site1-rtr1: 69 | tags: 70 | - site_router 71 | site1-sw1: 72 | tags: 73 | - switch 74 | region2: 75 | children: 76 | site2: 77 | hosts: 78 | site2-rtr1: 79 | tags: 80 | - site_router 81 | site2-sw1: 82 | tags: 83 | - switch 84 | -------------------------------------------------------------------------------- /inventory/nso.yml: -------------------------------------------------------------------------------- 1 | all: 2 | vars: 3 | mdd_model_repos: 4 | - name: nso-oc-services 5 | model_list: 6 | - mdd 7 | nso_installer_file: https://colabucket.s3.dualstack.us-east-1.amazonaws.com/sw/cisco/nso/6.1/nso-6.1.linux.x86_64.signed.bin 8 | nso_ned_files: 9 | - https://colabucket.s3.dualstack.us-east-1.amazonaws.com/sw/cisco/nso/6.1/ncs-6.1-cisco-ios-6.92.7.signed.bin 10 | - https://colabucket.s3.dualstack.us-east-1.amazonaws.com/sw/cisco/nso/6.1/ncs-6.1-cisco-nx-5.23.13.signed.bin 11 | - https://colabucket.s3.dualstack.us-east-1.amazonaws.com/sw/cisco/nso/6.1/ncs-6.1-cisco-iosxr-7.49.2.signed.bin 12 | - https://colabucket.s3.dualstack.us-east-1.amazonaws.com/sw/cisco/nso/6.1/ncs-6.0.3-cisco-asa-6.18.3.signed.bin 13 | nso_default_ned: cisco-ios-cli-6.92 14 | nso_package_repos: 15 | - name: mdd 16 | repo: https://github.com/model-driven-devops/nso-oc-services.git 17 | version: v2.79.3 18 | service_list: 19 | - mdd 20 | children: 21 | nso: 22 | vars: 23 | ansible_user: "{{ lookup('env', 'NSO_USERNAME') | default('ubuntu', true) }}" 24 | ansible_password: "{{ lookup('env', 'NSO_PASSWORD') | default('admin', true) }}" 25 | ansible_python_interpreter: /usr/bin/python3 26 | hosts: 27 | nso1: 28 | -------------------------------------------------------------------------------- /inventory/system.yml: -------------------------------------------------------------------------------- 1 | all: 2 | children: 3 | system: 4 | vars: 5 | host_interface: ens2 6 | children: 7 | client: 8 | hosts: 9 | hq-host1: 10 | host_ip: 172.16.0.100/24 11 | host_gateway: 172.16.0.1 12 | site1-host1: 13 | host_ip: 192.168.1.100/24 14 | host_gateway: 192.168.1.1 15 | site2-host1: 16 | host_ip: 192.168.2.100/24 17 | host_gateway: 192.168.2.1 18 | server: 19 | hosts: 20 | nso1: 21 | interfaces: 22 | ens3: 23 | enabled: true 24 | ip: 25 | primary: 172.16.0.101/24 26 | static_routes: 27 | 172.16.0.0/24: 28 | next_hop: 172.16.0.1 29 | 172.16.254.0/24: 30 | next_hop: 172.16.0.1 31 | 172.16.255.0/24: 32 | next_hop: 172.16.0.1 33 | 10.0.0.0/8: 34 | next_hop: 172.16.0.1 35 | 192.168.0.0/16: 36 | next_hop: 172.16.0.1 37 | -------------------------------------------------------------------------------- /mdd-data/org/check-bgp-neighbor-status.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - hq_router 4 | - site_router 5 | mdd_checks: 6 | - name: BGP VPNV4 Neighbor Status 7 | command: 'show ip bgp vpnv4 all neighbors' 8 | schema: 'pyats/bgp-neighbor-state.yml' 9 | method: nso_parse 10 | -------------------------------------------------------------------------------- /mdd-data/org/check-site-routes.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - hq_router 4 | - site_router 5 | mdd_checks: 6 | - name: Check Network-wide Routes 7 | command: 'show ip route vrf internal_1' 8 | schema: 'pyats/show_ip_route.yml.j2' 9 | method: nso_parse 10 | check_vars: 11 | vrf: internal_1 12 | routes: 13 | - route: 172.16.0.0/24 14 | - route: 192.168.1.0/24 15 | - route: 192.168.2.0/24 16 | -------------------------------------------------------------------------------- /mdd-data/org/oc-banner.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-system:system: 5 | openconfig-system:config: 6 | openconfig-system:login-banner: "Unauthorized access is prohibited!" 7 | openconfig-system:motd-banner: "Welcome to {{ inventory_hostname }}" 8 | -------------------------------------------------------------------------------- /mdd-data/org/oc-ntp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-system:system: 5 | openconfig-system:clock: 6 | openconfig-system:config: 7 | openconfig-system:timezone-name: 'PST -8 0' 8 | openconfig-system:ntp: 9 | openconfig-system:config: 10 | openconfig-system:enabled: true 11 | openconfig-system:servers: 12 | openconfig-system:server: 13 | - openconfig-system:address: '216.239.35.0' 14 | openconfig-system:config: 15 | openconfig-system:address: '216.239.35.0' 16 | openconfig-system:association-type: SERVER 17 | openconfig-system:iburst: true 18 | - openconfig-system:address: '216.239.35.4' 19 | openconfig-system:config: 20 | openconfig-system:address: '216.239.35.4' 21 | openconfig-system:association-type: SERVER 22 | openconfig-system:iburst: true 23 | -------------------------------------------------------------------------------- /mdd-data/org/oc-stp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-spanning-tree:stp: 7 | openconfig-spanning-tree:global: 8 | openconfig-spanning-tree:config: 9 | openconfig-spanning-tree:loop-guard: true 10 | openconfig-spanning-tree:etherchannel-misconfig-guard: true 11 | openconfig-spanning-tree:bpdu-guard: true 12 | openconfig-spanning-tree:bpdu-filter: false 13 | openconfig-spanning-tree:enabled-protocol: 14 | - RAPID_PVST 15 | -------------------------------------------------------------------------------- /mdd-data/org/oc-system.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-system:system: 5 | openconfig-system:logging: 6 | openconfig-system:console: 7 | openconfig-system:config: 8 | openconfig-system-ext:enabled: false 9 | openconfig-system-ext:timestamps: 10 | openconfig-system-ext:logging: 11 | openconfig-system-ext:config: 12 | openconfig-system-ext:enabled: true 13 | openconfig-system-ext:datetime: true 14 | openconfig-system-ext:uptime: false 15 | openconfig-system-ext:localtime: false 16 | openconfig-system-ext:debugging: 17 | openconfig-system-ext:config: 18 | openconfig-system-ext:enabled: true 19 | openconfig-system-ext:datetime: true 20 | openconfig-system-ext:uptime: false 21 | openconfig-system-ext:localtime: false 22 | openconfig-system:config: 23 | openconfig-system:domain-name: mdd.cisco.com 24 | openconfig-system:hostname: '{{ inventory_hostname }}' 25 | openconfig-system-ext:services: 26 | openconfig-system-ext:config: 27 | openconfig-system-ext:finger: false 28 | openconfig-system-ext:service-tcp-small-servers: false 29 | openconfig-system-ext:service-udp-small-servers: false 30 | openconfig-system-ext:http: 31 | openconfig-system-ext:config: 32 | openconfig-system-ext:http-enabled: false 33 | openconfig-system-ext:https-enabled: true 34 | openconfig-system-ext:ip-http-max-connections: 2 35 | openconfig-system:dns: 36 | openconfig-system:servers: 37 | openconfig-system:server: 38 | - openconfig-system:address: 208.67.222.222 39 | openconfig-system:config: 40 | openconfig-system:address: 208.67.222.222 41 | openconfig-system:port: 53 # always 53 for ios 42 | - openconfig-system:address: 208.67.220.220 43 | openconfig-system:config: 44 | openconfig-system:address: 208.67.220.220 45 | openconfig-system:port: 53 # always 53 for ios 46 | openconfig-system:ssh-server: 47 | openconfig-system:config: 48 | # openconfig-system-ext:absolute-timeout-minutes: 1200 49 | openconfig-system-ext:ssh-timeout: 60 # ip ssh timeout 50 | openconfig-system:enable: true # adds line transport input ssh; must be enabled for this to work 51 | openconfig-system:protocol-version: V2 # ip ssh version 2 52 | openconfig-system:rate-limit: 0 # unsupported in ios 53 | # openconfig-system:session-limit: 16 # line session-limit 16 54 | openconfig-system:timeout: 1800 # seconds - line exec-timeout 30 0 55 | -------------------------------------------------------------------------------- /mdd-data/org/oc-vlan.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-network-instance:network-instances: 7 | openconfig-network-instance:network-instance: 8 | - openconfig-network-instance:name: 'default' 9 | openconfig-network-instance:config: 10 | openconfig-network-instance:name: 'default' 11 | openconfig-network-instance:type: 'DEFAULT_INSTANCE' 12 | openconfig-network-instance:enabled: true 13 | openconfig-network-instance:vlans: 14 | openconfig-network-instance:vlan: 15 | - openconfig-network-instance:vlan-id: 10 16 | openconfig-network-instance:config: 17 | openconfig-network-instance:vlan-id: 10 18 | openconfig-network-instance:name: 'Internal-1' 19 | openconfig-network-instance:status: 'ACTIVE' 20 | - openconfig-network-instance:vlan-id: 99 21 | openconfig-network-instance:config: 22 | openconfig-network-instance:vlan-id: 99 23 | openconfig-network-instance:name: 'Native' 24 | openconfig-network-instance:status: 'ACTIVE' 25 | - openconfig-network-instance:vlan-id: 100 26 | openconfig-network-instance:config: 27 | openconfig-network-instance:vlan-id: 100 28 | openconfig-network-instance:name: 'Corporate' 29 | openconfig-network-instance:status: 'ACTIVE' 30 | - openconfig-network-instance:vlan-id: 101 31 | openconfig-network-instance:config: 32 | openconfig-network-instance:vlan-id: 101 33 | openconfig-network-instance:name: 'Guest' 34 | openconfig-network-instance:status: 'ACTIVE' 35 | -------------------------------------------------------------------------------- /mdd-data/org/oc-vrf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: Mgmt-intf 7 | openconfig-network-instance:config: 8 | openconfig-network-instance:name: Mgmt-intf 9 | openconfig-network-instance:type: L3VRF 10 | openconfig-network-instance:enabled: true 11 | openconfig-network-instance:enabled-address-families: 12 | - IPV4 13 | - IPV6 14 | mdd_tags: 15 | - router 16 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/WAN-rtr1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 10.255.255.1 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 10.255.255.1 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: GigabitEthernet1 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: GigabitEthernet1 27 | openconfig-interfaces:type: ethernetCsmacd 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:config: 35 | openconfig-if-ip:dhcp-client: true 36 | - openconfig-interfaces:name: GigabitEthernet2 37 | openconfig-interfaces:config: 38 | openconfig-interfaces:enabled: true 39 | openconfig-interfaces:name: GigabitEthernet2 40 | openconfig-interfaces:type: ethernetCsmacd 41 | openconfig-interfaces:subinterfaces: 42 | openconfig-interfaces:subinterface: 43 | - openconfig-interfaces:index: 0 44 | openconfig-interfaces:config: 45 | openconfig-interfaces:index: 0 46 | openconfig-if-ip:ipv4: 47 | openconfig-if-ip:addresses: 48 | openconfig-if-ip:address: 49 | - openconfig-if-ip:ip: 10.0.0.1 50 | openconfig-if-ip:config: 51 | openconfig-if-ip:ip: 10.0.0.1 52 | openconfig-if-ip:prefix-length: 30 53 | - openconfig-interfaces:name: GigabitEthernet3 54 | openconfig-interfaces:config: 55 | openconfig-interfaces:enabled: true 56 | openconfig-interfaces:name: GigabitEthernet3 57 | openconfig-interfaces:type: ethernetCsmacd 58 | openconfig-interfaces:subinterfaces: 59 | openconfig-interfaces:subinterface: 60 | - openconfig-interfaces:index: 0 61 | openconfig-interfaces:config: 62 | openconfig-interfaces:index: 0 63 | openconfig-if-ip:ipv4: 64 | openconfig-if-ip:addresses: 65 | openconfig-if-ip:address: 66 | - openconfig-if-ip:ip: 10.0.0.5 67 | openconfig-if-ip:config: 68 | openconfig-if-ip:ip: 10.0.0.5 69 | openconfig-if-ip:prefix-length: 30 70 | - openconfig-interfaces:name: GigabitEthernet4 71 | openconfig-interfaces:config: 72 | openconfig-interfaces:enabled: true 73 | openconfig-interfaces:name: GigabitEthernet4 74 | openconfig-interfaces:type: ethernetCsmacd 75 | openconfig-interfaces:subinterfaces: 76 | openconfig-interfaces:subinterface: 77 | - openconfig-interfaces:index: 0 78 | openconfig-interfaces:config: 79 | openconfig-interfaces:index: 0 80 | openconfig-if-ip:ipv4: 81 | openconfig-if-ip:addresses: 82 | openconfig-if-ip:address: 83 | - openconfig-if-ip:ip: 10.0.0.9 84 | openconfig-if-ip:config: 85 | openconfig-if-ip:ip: 10.0.0.9 86 | openconfig-if-ip:prefix-length: 30 87 | - openconfig-interfaces:name: GigabitEthernet5 88 | openconfig-interfaces:config: 89 | openconfig-interfaces:enabled: true 90 | openconfig-interfaces:name: GigabitEthernet5 91 | openconfig-interfaces:type: ethernetCsmacd 92 | openconfig-interfaces:subinterfaces: 93 | openconfig-interfaces:subinterface: 94 | - openconfig-interfaces:index: 0 95 | openconfig-interfaces:config: 96 | openconfig-interfaces:index: 0 97 | openconfig-if-ip:ipv4: 98 | openconfig-if-ip:addresses: 99 | openconfig-if-ip:address: 100 | - openconfig-if-ip:ip: 10.0.0.13 101 | openconfig-if-ip:config: 102 | openconfig-if-ip:ip: 10.0.0.13 103 | openconfig-if-ip:prefix-length: 30 104 | - openconfig-interfaces:name: GigabitEthernet6 105 | openconfig-interfaces:config: 106 | openconfig-interfaces:enabled: false 107 | openconfig-interfaces:name: GigabitEthernet6 108 | openconfig-interfaces:type: ethernetCsmacd 109 | openconfig-interfaces:subinterfaces: 110 | openconfig-interfaces:subinterface: 111 | - openconfig-interfaces:index: 0 112 | openconfig-interfaces:config: 113 | openconfig-interfaces:index: 0 114 | - openconfig-interfaces:name: GigabitEthernet7 115 | openconfig-interfaces:config: 116 | openconfig-interfaces:enabled: false 117 | openconfig-interfaces:name: GigabitEthernet7 118 | openconfig-interfaces:type: ethernetCsmacd 119 | openconfig-interfaces:subinterfaces: 120 | openconfig-interfaces:subinterface: 121 | - openconfig-interfaces:index: 0 122 | openconfig-interfaces:config: 123 | openconfig-interfaces:index: 0 124 | - openconfig-interfaces:name: GigabitEthernet8 125 | openconfig-interfaces:config: 126 | openconfig-interfaces:enabled: false 127 | openconfig-interfaces:name: GigabitEthernet8 128 | openconfig-interfaces:type: ethernetCsmacd 129 | openconfig-interfaces:subinterfaces: 130 | openconfig-interfaces:subinterface: 131 | - openconfig-interfaces:index: 0 132 | openconfig-interfaces:config: 133 | openconfig-interfaces:index: 0 134 | mdd_tags: 135 | - all 136 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-pop/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 172.16.255.5 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 172.16.255.5 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: GigabitEthernet1 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: GigabitEthernet1 27 | openconfig-interfaces:type: ethernetCsmacd 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:config: 35 | openconfig-if-ip:dhcp-client: true 36 | - openconfig-interfaces:name: GigabitEthernet2 37 | openconfig-interfaces:config: 38 | openconfig-interfaces:description: 802.1q 39 | openconfig-interfaces:enabled: true 40 | openconfig-interfaces:name: GigabitEthernet2 41 | openconfig-interfaces:type: ethernetCsmacd 42 | openconfig-interfaces:subinterfaces: 43 | openconfig-interfaces:subinterface: 44 | - openconfig-interfaces:index: 10 45 | openconfig-interfaces:config: 46 | openconfig-interfaces:description: VLAN10 47 | openconfig-interfaces:enabled: true 48 | openconfig-interfaces:index: 10 49 | openconfig-if-ip:ipv4: 50 | openconfig-if-ip:addresses: 51 | openconfig-if-ip:address: 52 | - openconfig-if-ip:ip: 172.16.0.50 53 | openconfig-if-ip:config: 54 | openconfig-if-ip:ip: 172.16.0.50 55 | openconfig-if-ip:prefix-length: 24 56 | openconfig-if-ip:config: 57 | openconfig-if-ip-mdd-ext:nat: 58 | openconfig-if-ip-mdd-ext:nat-choice: inside 59 | openconfig-vlan:vlan: 60 | openconfig-vlan:config: 61 | openconfig-vlan:vlan-id: 10 62 | - openconfig-interfaces:name: GigabitEthernet3 63 | openconfig-interfaces:config: 64 | openconfig-interfaces:enabled: false 65 | openconfig-interfaces:name: GigabitEthernet3 66 | openconfig-interfaces:type: ethernetCsmacd 67 | - openconfig-interfaces:name: GigabitEthernet4 68 | openconfig-interfaces:config: 69 | openconfig-interfaces:enabled: false 70 | openconfig-interfaces:name: GigabitEthernet4 71 | openconfig-interfaces:type: ethernetCsmacd 72 | - openconfig-interfaces:name: GigabitEthernet5 73 | openconfig-interfaces:config: 74 | openconfig-interfaces:enabled: false 75 | openconfig-interfaces:name: GigabitEthernet5 76 | openconfig-interfaces:type: ethernetCsmacd 77 | - openconfig-interfaces:name: GigabitEthernet6 78 | openconfig-interfaces:config: 79 | openconfig-interfaces:enabled: false 80 | openconfig-interfaces:name: GigabitEthernet6 81 | openconfig-interfaces:type: ethernetCsmacd 82 | - openconfig-interfaces:name: GigabitEthernet7 83 | openconfig-interfaces:config: 84 | openconfig-interfaces:enabled: false 85 | openconfig-interfaces:name: GigabitEthernet7 86 | openconfig-interfaces:type: ethernetCsmacd 87 | - openconfig-interfaces:name: GigabitEthernet8 88 | openconfig-interfaces:config: 89 | openconfig-interfaces:enabled: true 90 | openconfig-interfaces:name: GigabitEthernet8 91 | openconfig-interfaces:type: ethernetCsmacd 92 | openconfig-interfaces:subinterfaces: 93 | openconfig-interfaces:subinterface: 94 | - openconfig-interfaces:index: 0 95 | openconfig-interfaces:config: 96 | openconfig-interfaces:index: 0 97 | openconfig-if-ip:ipv4: 98 | openconfig-if-ip:addresses: 99 | openconfig-if-ip:address: 100 | - openconfig-if-ip:ip: 10.0.254.2 101 | openconfig-if-ip:config: 102 | openconfig-if-ip:ip: 10.0.254.2 103 | openconfig-if-ip:prefix-length: 30 104 | openconfig-if-ip:config: 105 | openconfig-if-ip-mdd-ext:nat: 106 | openconfig-if-ip-mdd-ext:nat-choice: outside 107 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-pop/oc-nat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-acl:acl: 5 | openconfig-acl:acl-sets: 6 | openconfig-acl:acl-set: 7 | - openconfig-acl:name: nat-internal 8 | openconfig-acl:type: 'openconfig-acl-ext:ACL_IPV4_STANDARD' 9 | openconfig-acl:config: 10 | openconfig-acl:name: nat-internal 11 | openconfig-acl:type: 'openconfig-acl-ext:ACL_IPV4_STANDARD' 12 | openconfig-acl:acl-entries: 13 | openconfig-acl:acl-entry: 14 | - openconfig-acl:sequence-id: 10 15 | openconfig-acl:actions: 16 | openconfig-acl:config: 17 | openconfig-acl:forwarding-action: ACCEPT 18 | openconfig-acl:log-action: LOG_NONE 19 | openconfig-acl:config: 20 | openconfig-acl:sequence-id: 10 21 | openconfig-acl-ext:ipv4: 22 | openconfig-acl-ext:config: 23 | openconfig-acl-ext:source-address: 10.0.0.0/8 24 | - openconfig-acl:sequence-id: 20 25 | openconfig-acl:actions: 26 | openconfig-acl:config: 27 | openconfig-acl:forwarding-action: ACCEPT 28 | openconfig-acl:log-action: LOG_NONE 29 | openconfig-acl:config: 30 | openconfig-acl:sequence-id: 20 31 | openconfig-acl-ext:ipv4: 32 | openconfig-acl-ext:config: 33 | openconfig-acl-ext:source-address: 172.16.0.0/12 34 | - openconfig-acl:sequence-id: 30 35 | openconfig-acl:actions: 36 | openconfig-acl:config: 37 | openconfig-acl:forwarding-action: ACCEPT 38 | openconfig-acl:log-action: LOG_NONE 39 | openconfig-acl:config: 40 | openconfig-acl:sequence-id: 30 41 | openconfig-acl-ext:ipv4: 42 | openconfig-acl-ext:config: 43 | openconfig-acl-ext:source-address: 192.168.0.0/16 44 | openconfig-system:system: 45 | openconfig-system-ext:services: 46 | openconfig-system-ext:nat: 47 | openconfig-system-ext:inside: 48 | openconfig-system-ext:source: 49 | openconfig-system-ext:local-addresses-access-lists: 50 | openconfig-system-ext:local-addresses-access-list: 51 | - openconfig-system-ext:local-addresses-access-list-name: nat-internal 52 | openconfig-system-ext:config: 53 | openconfig-system-ext:local-addresses-access-list-name: nat-internal 54 | openconfig-system-ext:global-interface-name: GigabitEthernet8 55 | openconfig-system-ext:vrf: internal_1 56 | openconfig-system-ext:overload: true 57 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-pop/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:config: 8 | openconfig-network-instance:name: default 9 | openconfig-network-instance:type: DEFAULT_INSTANCE 10 | openconfig-network-instance:enabled: true 11 | openconfig-network-instance:protocols: 12 | openconfig-network-instance:protocol: 13 | - openconfig-network-instance:identifier: BGP 14 | openconfig-network-instance:name: BGP 15 | openconfig-network-instance:config: 16 | openconfig-network-instance:enabled: True 17 | openconfig-network-instance:identifier: BGP 18 | openconfig-network-instance:name: BGP 19 | openconfig-network-instance:bgp: 20 | openconfig-network-instance:global: 21 | openconfig-network-instance:config: 22 | openconfig-network-instance:as: 100 23 | openconfig-bgp-ext:log-neighbor-changes: true 24 | openconfig-network-instance:afi-safis: 25 | openconfig-network-instance:afi-safi: 26 | - openconfig-network-instance:afi-safi-name: IPV4_UNICAST 27 | openconfig-network-instance:config: 28 | openconfig-network-instance:afi-safi-name: IPV4_UNICAST 29 | openconfig-network-instance:enabled: true 30 | openconfig-network-instance:neighbors: 31 | openconfig-network-instance:neighbor: 32 | - openconfig-network-instance:neighbor-address: 10.0.254.1 33 | openconfig-network-instance:config: 34 | openconfig-network-instance:neighbor-address: 10.0.254.1 35 | openconfig-network-instance:description: ISP 36 | openconfig-network-instance:peer-as: 99 37 | openconfig-network-instance:enabled: True 38 | openconfig-network-instance:afi-safis: 39 | openconfig-network-instance:afi-safi: 40 | - openconfig-network-instance:afi-safi-name: IPV4_UNICAST 41 | openconfig-network-instance:config: 42 | openconfig-network-instance:afi-safi-name: IPV4_UNICAST 43 | openconfig-network-instance:enabled: true 44 | - openconfig-network-instance:name: internal_1 45 | openconfig-network-instance:config: 46 | openconfig-network-instance:name: internal_1 47 | openconfig-network-instance:type: L3VRF 48 | openconfig-network-instance:enabled: true 49 | openconfig-network-instance:enabled-address-families: 50 | - IPV4 51 | - IPV6 52 | openconfig-network-instance:route-distinguisher: '1:1' 53 | openconfig-network-instance:interfaces: 54 | openconfig-network-instance:interface: 55 | - openconfig-network-instance:id: Loopback0 56 | openconfig-network-instance:config: 57 | openconfig-network-instance:id: Loopback0 58 | openconfig-network-instance:interface: Loopback0 59 | openconfig-network-instance:subinterface: 0 60 | - openconfig-network-instance:id: GigabitEthernet2.10 61 | openconfig-network-instance:config: 62 | openconfig-network-instance:id: GigabitEthernet2.10 63 | openconfig-network-instance:interface: GigabitEthernet2 64 | openconfig-network-instance:subinterface: 10 65 | openconfig-network-instance:protocols: 66 | openconfig-network-instance:protocol: 67 | - openconfig-network-instance:identifier: STATIC 68 | openconfig-network-instance:name: DEFAULT 69 | openconfig-network-instance:config: 70 | openconfig-network-instance:identifier: STATIC 71 | openconfig-network-instance:name: DEFAULT 72 | openconfig-network-instance:static-routes: 73 | openconfig-network-instance:static: 74 | - openconfig-network-instance:prefix: 0.0.0.0/0 75 | openconfig-network-instance:config: 76 | openconfig-network-instance:prefix: 0.0.0.0/0 77 | openconfig-network-instance:next-hops: 78 | openconfig-network-instance:next-hop: 79 | - openconfig-network-instance:index: 10.0.254.1 80 | openconfig-network-instance:config: 81 | openconfig-network-instance:index: 10.0.254.1 82 | openconfig-network-instance:next-hop: 10.0.254.1 83 | openconfig-local-routing-ext:global: true 84 | - openconfig-network-instance:identifier: OSPF 85 | openconfig-network-instance:name: '1' 86 | openconfig-network-instance:config: 87 | openconfig-network-instance:enabled: True 88 | openconfig-network-instance:identifier: OSPF 89 | openconfig-network-instance:name: '1' 90 | openconfig-network-instance:ospfv2: 91 | openconfig-network-instance:global: 92 | openconfig-network-instance:config: 93 | openconfig-network-instance:log-adjacency-changes: True 94 | openconfig-ospfv2-ext:default-information-originate: 95 | openconfig-ospfv2-ext:config: 96 | openconfig-ospfv2-ext:enabled: True 97 | openconfig-network-instance:areas: 98 | openconfig-network-instance:area: 99 | - openconfig-network-instance:identifier: 0 100 | openconfig-network-instance:config: 101 | openconfig-network-instance:identifier: 0 102 | openconfig-network-instance:interfaces: 103 | openconfig-network-instance:interface: 104 | - openconfig-network-instance:id: Loopback0 105 | openconfig-network-instance:config: 106 | openconfig-network-instance:id: Loopback0 107 | openconfig-network-instance:passive: True 108 | - openconfig-network-instance:id: GigabitEthernet2.10 109 | openconfig-network-instance:config: 110 | openconfig-network-instance:id: GigabitEthernet2.10 111 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-rtr1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 172.16.255.1 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 172.16.255.1 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Loopback100 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: Loopback100 27 | openconfig-interfaces:type: softwareLoopback 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:addresses: 35 | openconfig-if-ip:address: 36 | - openconfig-if-ip:ip: 10.255.255.11 37 | openconfig-if-ip:config: 38 | openconfig-if-ip:ip: 10.255.255.11 39 | openconfig-if-ip:prefix-length: 32 40 | - openconfig-interfaces:name: GigabitEthernet1 41 | openconfig-interfaces:config: 42 | openconfig-interfaces:enabled: true 43 | openconfig-interfaces:name: GigabitEthernet1 44 | openconfig-interfaces:type: ethernetCsmacd 45 | openconfig-interfaces:subinterfaces: 46 | openconfig-interfaces:subinterface: 47 | - openconfig-interfaces:index: 0 48 | openconfig-interfaces:config: 49 | openconfig-interfaces:index: 0 50 | openconfig-if-ip:ipv4: 51 | openconfig-if-ip:config: 52 | openconfig-if-ip:dhcp-client: true 53 | - openconfig-interfaces:name: GigabitEthernet2 54 | openconfig-interfaces:config: 55 | openconfig-interfaces:enabled: true 56 | openconfig-interfaces:name: GigabitEthernet2 57 | openconfig-interfaces:type: ethernetCsmacd 58 | openconfig-interfaces:subinterfaces: 59 | openconfig-interfaces:subinterface: 60 | - openconfig-interfaces:index: 0 61 | openconfig-interfaces:config: 62 | openconfig-interfaces:index: 0 63 | openconfig-if-ip:ipv4: 64 | openconfig-if-ip:addresses: 65 | openconfig-if-ip:address: 66 | - openconfig-if-ip:ip: 10.0.0.2 67 | openconfig-if-ip:config: 68 | openconfig-if-ip:ip: 10.0.0.2 69 | openconfig-if-ip:prefix-length: 30 70 | - openconfig-interfaces:name: GigabitEthernet3 71 | openconfig-interfaces:config: 72 | openconfig-interfaces:description: 802.1q Trunk 73 | openconfig-interfaces:enabled: true 74 | openconfig-interfaces:name: GigabitEthernet3 75 | openconfig-interfaces:type: ethernetCsmacd 76 | openconfig-interfaces:subinterfaces: 77 | openconfig-interfaces:subinterface: 78 | - openconfig-interfaces:index: 10 79 | openconfig-interfaces:config: 80 | openconfig-interfaces:description: VLAN10 81 | openconfig-interfaces:enabled: true 82 | openconfig-interfaces:index: 10 83 | openconfig-if-ip:ipv4: 84 | openconfig-if-ip:addresses: 85 | openconfig-if-ip:address: 86 | - openconfig-if-ip:ip: 172.16.0.2 87 | openconfig-if-ip:config: 88 | openconfig-if-ip:ip: 172.16.0.2 89 | openconfig-if-ip:prefix-length: 24 90 | openconfig-if-ip:vrrp: 91 | openconfig-if-ip:vrrp-group: 92 | - openconfig-if-ip:virtual-router-id: 1 93 | openconfig-if-ip:config: 94 | openconfig-if-ip:virtual-address: 95 | - 172.16.0.1 96 | openconfig-if-ip:virtual-router-id: 1 97 | openconfig-vlan:vlan: 98 | openconfig-vlan:config: 99 | openconfig-vlan:vlan-id: 10 100 | - openconfig-interfaces:name: GigabitEthernet4 101 | openconfig-interfaces:config: 102 | openconfig-interfaces:enabled: true 103 | openconfig-interfaces:name: GigabitEthernet4 104 | openconfig-interfaces:type: ethernetCsmacd 105 | openconfig-interfaces:subinterfaces: 106 | openconfig-interfaces:subinterface: 107 | - openconfig-interfaces:index: 0 108 | openconfig-interfaces:config: 109 | openconfig-interfaces:index: 0 110 | openconfig-if-ip:ipv4: 111 | openconfig-if-ip:addresses: 112 | openconfig-if-ip:address: 113 | - openconfig-if-ip:ip: 10.0.3.1 114 | openconfig-if-ip:config: 115 | openconfig-if-ip:ip: 10.0.3.1 116 | openconfig-if-ip:prefix-length: 30 117 | - openconfig-interfaces:name: GigabitEthernet5 118 | openconfig-interfaces:config: 119 | openconfig-interfaces:enabled: false 120 | openconfig-interfaces:name: GigabitEthernet5 121 | openconfig-interfaces:type: ethernetCsmacd 122 | - openconfig-interfaces:name: GigabitEthernet6 123 | openconfig-interfaces:config: 124 | openconfig-interfaces:enabled: false 125 | openconfig-interfaces:name: GigabitEthernet6 126 | openconfig-interfaces:type: ethernetCsmacd 127 | - openconfig-interfaces:name: GigabitEthernet7 128 | openconfig-interfaces:config: 129 | openconfig-interfaces:enabled: false 130 | openconfig-interfaces:name: GigabitEthernet7 131 | openconfig-interfaces:type: ethernetCsmacd 132 | - openconfig-interfaces:name: GigabitEthernet8 133 | openconfig-interfaces:config: 134 | openconfig-interfaces:enabled: false 135 | openconfig-interfaces:name: GigabitEthernet8 136 | openconfig-interfaces:type: ethernetCsmacd 137 | mdd_tags: 138 | - all 139 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-rtr1/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:mpls: 8 | openconfig-network-instance:signaling-protocols: 9 | openconfig-network-instance:ldp: 10 | openconfig-network-instance:global: 11 | openconfig-network-instance:config: 12 | openconfig-network-instance:lsr-id: 10.255.255.11 13 | openconfig-network-instance:protocols: 14 | openconfig-network-instance:protocol: 15 | - openconfig-network-instance:identifier: BGP 16 | openconfig-network-instance:name: BGP 17 | openconfig-network-instance:bgp: 18 | openconfig-network-instance:global: 19 | openconfig-network-instance:config: 20 | openconfig-network-instance:router-id: 10.255.255.11 21 | - openconfig-network-instance:name: internal_1 22 | openconfig-network-instance:config: 23 | openconfig-network-instance:route-distinguisher: '1:1' 24 | - openconfig-network-instance:name: Mgmt-intf 25 | openconfig-network-instance:config: 26 | openconfig-network-instance:name: Mgmt-intf 27 | openconfig-network-instance:type: L3VRF 28 | openconfig-network-instance:enabled: true 29 | openconfig-network-instance:enabled-address-families: 30 | - IPV4 31 | - IPV6 32 | openconfig-network-instance:interfaces: 33 | openconfig-network-instance:interface: 34 | - openconfig-network-instance:id: GigabitEthernet1 35 | openconfig-network-instance:config: 36 | openconfig-network-instance:id: GigabitEthernet1 37 | openconfig-network-instance:interface: GigabitEthernet1 38 | openconfig-network-instance:subinterface: 0 39 | mdd_tags: 40 | - all 41 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-rtr2/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 172.16.255.2 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 172.16.255.2 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Loopback100 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: Loopback100 27 | openconfig-interfaces:type: softwareLoopback 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:addresses: 35 | openconfig-if-ip:address: 36 | - openconfig-if-ip:ip: 10.255.255.12 37 | openconfig-if-ip:config: 38 | openconfig-if-ip:ip: 10.255.255.12 39 | openconfig-if-ip:prefix-length: 32 40 | - openconfig-interfaces:name: GigabitEthernet1 41 | openconfig-interfaces:config: 42 | openconfig-interfaces:enabled: true 43 | openconfig-interfaces:name: GigabitEthernet1 44 | openconfig-interfaces:type: ethernetCsmacd 45 | openconfig-interfaces:subinterfaces: 46 | openconfig-interfaces:subinterface: 47 | - openconfig-interfaces:index: 0 48 | openconfig-interfaces:config: 49 | openconfig-interfaces:index: 0 50 | openconfig-if-ip:ipv4: 51 | openconfig-if-ip:config: 52 | openconfig-if-ip:dhcp-client: true 53 | - openconfig-interfaces:name: GigabitEthernet2 54 | openconfig-interfaces:config: 55 | openconfig-interfaces:enabled: true 56 | openconfig-interfaces:name: GigabitEthernet2 57 | openconfig-interfaces:type: ethernetCsmacd 58 | openconfig-interfaces:subinterfaces: 59 | openconfig-interfaces:subinterface: 60 | - openconfig-interfaces:index: 0 61 | openconfig-interfaces:config: 62 | openconfig-interfaces:index: 0 63 | openconfig-if-ip:ipv4: 64 | openconfig-if-ip:addresses: 65 | openconfig-if-ip:address: 66 | - openconfig-if-ip:ip: 10.0.0.6 67 | openconfig-if-ip:config: 68 | openconfig-if-ip:ip: 10.0.0.6 69 | openconfig-if-ip:prefix-length: 30 70 | - openconfig-interfaces:name: GigabitEthernet3 71 | openconfig-interfaces:config: 72 | openconfig-interfaces:description: 802.1q Trunk 73 | openconfig-interfaces:enabled: true 74 | openconfig-interfaces:name: GigabitEthernet3 75 | openconfig-interfaces:type: ethernetCsmacd 76 | openconfig-interfaces:subinterfaces: 77 | openconfig-interfaces:subinterface: 78 | - openconfig-interfaces:index: 10 79 | openconfig-interfaces:config: 80 | openconfig-interfaces:description: VLAN10 81 | openconfig-interfaces:enabled: true 82 | openconfig-interfaces:index: 10 83 | openconfig-if-ip:ipv4: 84 | openconfig-if-ip:addresses: 85 | openconfig-if-ip:address: 86 | - openconfig-if-ip:ip: 172.16.0.3 87 | openconfig-if-ip:config: 88 | openconfig-if-ip:ip: 172.16.0.3 89 | openconfig-if-ip:prefix-length: 24 90 | openconfig-if-ip:vrrp: 91 | openconfig-if-ip:vrrp-group: 92 | - openconfig-if-ip:virtual-router-id: 1 93 | openconfig-if-ip:config: 94 | openconfig-if-ip:preempt: true 95 | openconfig-if-ip:preempt-delay: 10 96 | openconfig-if-ip:priority: 200 97 | openconfig-if-ip:virtual-address: 98 | - 172.16.0.1 99 | openconfig-if-ip:virtual-router-id: 1 100 | openconfig-vlan:vlan: 101 | openconfig-vlan:config: 102 | openconfig-vlan:vlan-id: 10 103 | - openconfig-interfaces:name: GigabitEthernet4 104 | openconfig-interfaces:config: 105 | openconfig-interfaces:enabled: true 106 | openconfig-interfaces:name: GigabitEthernet4 107 | openconfig-interfaces:type: ethernetCsmacd 108 | openconfig-interfaces:subinterfaces: 109 | openconfig-interfaces:subinterface: 110 | - openconfig-interfaces:index: 0 111 | openconfig-interfaces:config: 112 | openconfig-interfaces:index: 0 113 | openconfig-if-ip:ipv4: 114 | openconfig-if-ip:addresses: 115 | openconfig-if-ip:address: 116 | - openconfig-if-ip:ip: 10.0.3.2 117 | openconfig-if-ip:config: 118 | openconfig-if-ip:ip: 10.0.3.2 119 | openconfig-if-ip:prefix-length: 30 120 | - openconfig-interfaces:name: GigabitEthernet5 121 | openconfig-interfaces:config: 122 | openconfig-interfaces:enabled: false 123 | openconfig-interfaces:name: GigabitEthernet5 124 | openconfig-interfaces:type: ethernetCsmacd 125 | - openconfig-interfaces:name: GigabitEthernet6 126 | openconfig-interfaces:config: 127 | openconfig-interfaces:enabled: false 128 | openconfig-interfaces:name: GigabitEthernet6 129 | openconfig-interfaces:type: ethernetCsmacd 130 | - openconfig-interfaces:name: GigabitEthernet7 131 | openconfig-interfaces:config: 132 | openconfig-interfaces:enabled: false 133 | openconfig-interfaces:name: GigabitEthernet7 134 | openconfig-interfaces:type: ethernetCsmacd 135 | - openconfig-interfaces:name: GigabitEthernet8 136 | openconfig-interfaces:config: 137 | openconfig-interfaces:enabled: false 138 | openconfig-interfaces:name: GigabitEthernet8 139 | openconfig-interfaces:type: ethernetCsmacd 140 | mdd_tags: 141 | - all 142 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-rtr2/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:mpls: 8 | openconfig-network-instance:signaling-protocols: 9 | openconfig-network-instance:ldp: 10 | openconfig-network-instance:global: 11 | openconfig-network-instance:config: 12 | openconfig-network-instance:lsr-id: 10.255.255.12 13 | openconfig-network-instance:protocols: 14 | openconfig-network-instance:protocol: 15 | - openconfig-network-instance:identifier: BGP 16 | openconfig-network-instance:name: BGP 17 | openconfig-network-instance:bgp: 18 | openconfig-network-instance:global: 19 | openconfig-network-instance:config: 20 | openconfig-network-instance:router-id: 10.255.255.12 21 | - openconfig-network-instance:name: internal_1 22 | openconfig-network-instance:config: 23 | openconfig-network-instance:route-distinguisher: '1:1' 24 | - openconfig-network-instance:name: Mgmt-intf 25 | openconfig-network-instance:config: 26 | openconfig-network-instance:name: Mgmt-intf 27 | openconfig-network-instance:type: L3VRF 28 | openconfig-network-instance:enabled: true 29 | openconfig-network-instance:enabled-address-families: 30 | - IPV4 31 | - IPV6 32 | openconfig-network-instance:interfaces: 33 | openconfig-network-instance:interface: 34 | - openconfig-network-instance:id: GigabitEthernet1 35 | openconfig-network-instance:config: 36 | openconfig-network-instance:id: GigabitEthernet1 37 | openconfig-network-instance:interface: GigabitEthernet1 38 | openconfig-network-instance:subinterface: 0 39 | mdd_tags: 40 | - all 41 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw1/hq-sw1.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 3818 bytes 4 | ! 5 | ! Last configuration change at 17:42:32 UTC Sat Dec 11 2021 6 | ! 7 | version 15.2 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | no service password-encryption 11 | service compress-config 12 | ! 13 | hostname hq-sw1 14 | ! 15 | boot-start-marker 16 | boot-end-marker 17 | ! 18 | ! 19 | vrf definition Mgmt-intf 20 | ! 21 | address-family ipv4 22 | exit-address-family 23 | ! 24 | address-family ipv6 25 | exit-address-family 26 | ! 27 | ! 28 | username admin privilege 15 secret 5 $1$Q2hU$nHOxjkiissQsChJTZ01gb/ 29 | no aaa new-model 30 | ! 31 | ! 32 | ! 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ip domain-name cml.local 39 | ip cef 40 | no ipv6 cef 41 | ! 42 | ! 43 | ! 44 | spanning-tree mode pvst 45 | spanning-tree extend system-id 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | ! 53 | ! 54 | ! 55 | ! 56 | ! 57 | ! 58 | ! 59 | ! 60 | ! 61 | interface GigabitEthernet0/0 62 | switchport access vlan 10 63 | switchport mode access 64 | negotiation auto 65 | ! 66 | interface GigabitEthernet0/1 67 | switchport trunk encapsulation dot1q 68 | switchport mode trunk 69 | negotiation auto 70 | ! 71 | interface GigabitEthernet0/2 72 | negotiation auto 73 | ! 74 | interface GigabitEthernet0/3 75 | negotiation auto 76 | ! 77 | interface GigabitEthernet1/0 78 | switchport access vlan 10 79 | switchport mode access 80 | negotiation auto 81 | ! 82 | interface GigabitEthernet1/1 83 | negotiation auto 84 | ! 85 | interface GigabitEthernet1/2 86 | negotiation auto 87 | ! 88 | interface GigabitEthernet1/3 89 | negotiation auto 90 | ! 91 | interface GigabitEthernet2/0 92 | negotiation auto 93 | ! 94 | interface GigabitEthernet2/1 95 | negotiation auto 96 | ! 97 | interface GigabitEthernet2/2 98 | negotiation auto 99 | ! 100 | interface GigabitEthernet2/3 101 | negotiation auto 102 | ! 103 | interface GigabitEthernet3/0 104 | negotiation auto 105 | ! 106 | interface GigabitEthernet3/1 107 | negotiation auto 108 | ! 109 | interface GigabitEthernet3/2 110 | negotiation auto 111 | ! 112 | interface GigabitEthernet3/3 113 | no switchport 114 | vrf forwarding Mgmt-intf 115 | ip address dhcp 116 | negotiation auto 117 | ! 118 | ip forward-protocol nd 119 | ! 120 | ip http server 121 | ip http secure-server 122 | ! 123 | ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr 124 | ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr 125 | ! 126 | ! 127 | ! 128 | ! 129 | ! 130 | ! 131 | control-plane 132 | ! 133 | banner exec ^C 134 | ************************************************************************** 135 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 136 | * education. IOSv is provided as-is and is not supported by Cisco's * 137 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 138 | * of the IOSv Software or Documentation to any third party for any * 139 | * purposes is expressly prohibited except as otherwise authorized by * 140 | * Cisco in writing. * 141 | **************************************************************************^C 142 | banner incoming ^C 143 | ************************************************************************** 144 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 145 | * education. IOSv is provided as-is and is not supported by Cisco's * 146 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 147 | * of the IOSv Software or Documentation to any third party for any * 148 | * purposes is expressly prohibited except as otherwise authorized by * 149 | * Cisco in writing. * 150 | **************************************************************************^C 151 | banner login ^C 152 | ************************************************************************** 153 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 154 | * education. IOSv is provided as-is and is not supported by Cisco's * 155 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 156 | * of the IOSv Software or Documentation to any third party for any * 157 | * purposes is expressly prohibited except as otherwise authorized by * 158 | * Cisco in writing. * 159 | **************************************************************************^C 160 | banner motd ^CWelcome to hq-sw1!^C 161 | ! 162 | line con 0 163 | line aux 0 164 | line vty 0 4 165 | login local 166 | transport input ssh 167 | ! 168 | ! 169 | end -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 172.16.255.3 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 172.16.255.3 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Vlan10 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:description: VLAN10 26 | openconfig-interfaces:enabled: true 27 | openconfig-interfaces:loopback-mode: false 28 | # openconfig-interfaces:mtu: 1500 29 | openconfig-interfaces:name: Vlan10 30 | openconfig-interfaces:type: l3ipvlan 31 | openconfig-vlan:routed-vlan: 32 | openconfig-vlan:config: 33 | openconfig-vlan:vlan: 10 34 | openconfig-if-ip:ipv4: 35 | openconfig-if-ip:addresses: 36 | openconfig-if-ip:address: 37 | - openconfig-if-ip:ip: 172.16.0.11 38 | openconfig-if-ip:config: 39 | openconfig-if-ip:ip: 172.16.0.11 40 | openconfig-if-ip:prefix-length: 24 41 | - openconfig-interfaces:name: GigabitEthernet0/0 42 | openconfig-interfaces:config: 43 | openconfig-interfaces:enabled: true 44 | openconfig-interfaces:name: GigabitEthernet0/0 45 | openconfig-interfaces:type: l2vlan 46 | openconfig-interfaces:subinterfaces: 47 | openconfig-interfaces:subinterface: 48 | - openconfig-interfaces:index: 0 49 | openconfig-interfaces:config: 50 | openconfig-interfaces:index: 0 51 | openconfig-if-ip:ipv4: 52 | openconfig-if-ip:config: 53 | openconfig-if-ip:dhcp-client: true 54 | - openconfig-interfaces:name: GigabitEthernet0/1 55 | openconfig-interfaces:config: 56 | openconfig-interfaces:enabled: true 57 | openconfig-interfaces:name: GigabitEthernet0/1 58 | openconfig-interfaces:type: l2vlan 59 | openconfig-if-ethernet:ethernet: 60 | openconfig-vlan:switched-vlan: 61 | openconfig-vlan:config: 62 | openconfig-vlan:interface-mode: TRUNK 63 | - openconfig-interfaces:name: GigabitEthernet0/2 64 | openconfig-interfaces:config: 65 | openconfig-interfaces:enabled: true 66 | openconfig-interfaces:name: GigabitEthernet0/2 67 | openconfig-interfaces:type: l2vlan 68 | openconfig-if-ethernet:ethernet: 69 | openconfig-vlan:switched-vlan: 70 | openconfig-vlan:config: 71 | openconfig-vlan:interface-mode: TRUNK 72 | - openconfig-interfaces:name: GigabitEthernet0/3 73 | openconfig-interfaces:config: 74 | openconfig-interfaces:enabled: true 75 | openconfig-interfaces:name: GigabitEthernet0/3 76 | openconfig-interfaces:type: l2vlan 77 | - openconfig-interfaces:name: GigabitEthernet1/0 78 | openconfig-interfaces:config: 79 | openconfig-interfaces:enabled: true 80 | openconfig-interfaces:name: GigabitEthernet1/0 81 | openconfig-interfaces:type: l2vlan 82 | openconfig-if-ethernet:ethernet: 83 | openconfig-vlan:switched-vlan: 84 | openconfig-vlan:config: 85 | openconfig-vlan:access-vlan: 10 86 | openconfig-vlan:interface-mode: ACCESS 87 | - openconfig-interfaces:name: GigabitEthernet1/1 88 | openconfig-interfaces:config: 89 | openconfig-interfaces:enabled: true 90 | openconfig-interfaces:name: GigabitEthernet1/1 91 | openconfig-interfaces:type: l2vlan 92 | openconfig-if-ethernet:ethernet: 93 | openconfig-vlan:switched-vlan: 94 | openconfig-vlan:config: 95 | openconfig-vlan:interface-mode: TRUNK 96 | - openconfig-interfaces:name: GigabitEthernet1/2 97 | openconfig-interfaces:config: 98 | openconfig-interfaces:enabled: true 99 | openconfig-interfaces:name: GigabitEthernet1/2 100 | openconfig-interfaces:type: l2vlan 101 | - openconfig-interfaces:name: GigabitEthernet1/3 102 | openconfig-interfaces:config: 103 | openconfig-interfaces:enabled: true 104 | openconfig-interfaces:name: GigabitEthernet1/3 105 | openconfig-interfaces:type: l2vlan 106 | - openconfig-interfaces:name: GigabitEthernet2/0 107 | openconfig-interfaces:config: 108 | openconfig-interfaces:enabled: true 109 | openconfig-interfaces:name: GigabitEthernet2/0 110 | openconfig-interfaces:type: l2vlan 111 | - openconfig-interfaces:name: GigabitEthernet2/1 112 | openconfig-interfaces:config: 113 | openconfig-interfaces:enabled: true 114 | openconfig-interfaces:name: GigabitEthernet2/1 115 | openconfig-interfaces:type: l2vlan 116 | - openconfig-interfaces:name: GigabitEthernet2/2 117 | openconfig-interfaces:config: 118 | openconfig-interfaces:enabled: true 119 | openconfig-interfaces:name: GigabitEthernet2/2 120 | openconfig-interfaces:type: l2vlan 121 | - openconfig-interfaces:name: GigabitEthernet2/3 122 | openconfig-interfaces:config: 123 | openconfig-interfaces:enabled: true 124 | openconfig-interfaces:name: GigabitEthernet2/3 125 | openconfig-interfaces:type: l2vlan 126 | - openconfig-interfaces:name: GigabitEthernet3/0 127 | openconfig-interfaces:config: 128 | openconfig-interfaces:enabled: true 129 | openconfig-interfaces:name: GigabitEthernet3/0 130 | openconfig-interfaces:type: l2vlan 131 | - openconfig-interfaces:name: GigabitEthernet3/1 132 | openconfig-interfaces:config: 133 | openconfig-interfaces:enabled: true 134 | openconfig-interfaces:name: GigabitEthernet3/1 135 | openconfig-interfaces:type: l2vlan 136 | - openconfig-interfaces:name: GigabitEthernet3/2 137 | openconfig-interfaces:config: 138 | openconfig-interfaces:enabled: true 139 | openconfig-interfaces:name: GigabitEthernet3/2 140 | openconfig-interfaces:type: l2vlan 141 | - openconfig-interfaces:name: GigabitEthernet3/3 142 | openconfig-interfaces:config: 143 | openconfig-interfaces:enabled: true 144 | openconfig-interfaces:name: GigabitEthernet3/3 145 | openconfig-interfaces:type: l2vlan 146 | openconfig-network-instance:network-instances: 147 | openconfig-network-instance:network-instance: 148 | - openconfig-network-instance:name: Mgmt-intf 149 | openconfig-network-instance:config: 150 | openconfig-network-instance:name: Mgmt-intf 151 | openconfig-network-instance:type: L3VRF 152 | openconfig-network-instance:enabled: true 153 | openconfig-network-instance:enabled-address-families: 154 | - IPV4 155 | - IPV6 156 | openconfig-network-instance:interfaces: 157 | openconfig-network-instance:interface: 158 | - openconfig-network-instance:id: GigabitEthernet0/0 159 | openconfig-network-instance:config: 160 | openconfig-network-instance:id: GigabitEthernet0/0 161 | openconfig-network-instance:interface: GigabitEthernet0/0 162 | openconfig-network-instance:subinterface: 0 163 | mdd_tags: 164 | - all 165 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw1/oc-stp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-spanning-tree:stp: 7 | openconfig-spanning-tree:global: 8 | openconfig-spanning-tree:config: 9 | openconfig-spanning-tree:enabled-protocol: 10 | - RAPID_PVST 11 | openconfig-spanning-tree:rapid-pvst: 12 | openconfig-spanning-tree:vlan: 13 | - openconfig-spanning-tree:vlan-id: 10 14 | openconfig-spanning-tree:config: 15 | openconfig-spanning-tree:vlan-id: 10 16 | openconfig-spanning-tree:bridge-priority: 16384 17 | - openconfig-spanning-tree:vlan-id: 100 18 | openconfig-spanning-tree:config: 19 | openconfig-spanning-tree:vlan-id: 100 20 | openconfig-spanning-tree:bridge-priority: 16384 21 | - openconfig-spanning-tree:vlan-id: 101 22 | openconfig-spanning-tree:config: 23 | openconfig-spanning-tree:vlan-id: 101 24 | openconfig-spanning-tree:bridge-priority: 16384 25 | openconfig-spanning-tree:interfaces: 26 | openconfig-spanning-tree:interface: 27 | - openconfig-spanning-tree:name: 'GigabitEthernet0/1' 28 | openconfig-spanning-tree:config: 29 | openconfig-spanning-tree:name: 'GigabitEthernet0/1' 30 | openconfig-spanning-tree:guard: ROOT 31 | openconfig-spanning-tree:link-type: P2P 32 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 33 | - openconfig-spanning-tree:name: 'GigabitEthernet0/2' 34 | openconfig-spanning-tree:config: 35 | openconfig-spanning-tree:name: 'GigabitEthernet0/2' 36 | openconfig-spanning-tree:link-type: P2P 37 | openconfig-spanning-tree:edge-port: EDGE_DISABLE 38 | - openconfig-spanning-tree:name: 'GigabitEthernet0/3' 39 | openconfig-spanning-tree:config: 40 | openconfig-spanning-tree:name: 'GigabitEthernet0/3' 41 | openconfig-spanning-tree:guard: ROOT 42 | openconfig-spanning-tree:link-type: P2P 43 | openconfig-spanning-tree:edge-port: EDGE_AUTO 44 | - openconfig-spanning-tree:name: 'GigabitEthernet1/0' 45 | openconfig-spanning-tree:config: 46 | openconfig-spanning-tree:name: 'GigabitEthernet1/0' 47 | openconfig-spanning-tree:guard: ROOT 48 | openconfig-spanning-tree:link-type: P2P 49 | openconfig-spanning-tree:edge-port: EDGE_AUTO 50 | - openconfig-spanning-tree:name: 'GigabitEthernet1/1' 51 | openconfig-spanning-tree:config: 52 | openconfig-spanning-tree:name: 'GigabitEthernet1/1' 53 | openconfig-spanning-tree:guard: ROOT 54 | openconfig-spanning-tree:link-type: P2P 55 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 56 | - openconfig-spanning-tree:name: 'GigabitEthernet1/2' 57 | openconfig-spanning-tree:config: 58 | openconfig-spanning-tree:name: 'GigabitEthernet1/2' 59 | openconfig-spanning-tree:guard: ROOT 60 | openconfig-spanning-tree:link-type: P2P 61 | openconfig-spanning-tree:edge-port: EDGE_AUTO 62 | - openconfig-spanning-tree:name: 'GigabitEthernet1/3' 63 | openconfig-spanning-tree:config: 64 | openconfig-spanning-tree:name: 'GigabitEthernet1/3' 65 | openconfig-spanning-tree:guard: ROOT 66 | openconfig-spanning-tree:link-type: P2P 67 | openconfig-spanning-tree:edge-port: EDGE_AUTO 68 | - openconfig-spanning-tree:name: 'GigabitEthernet2/0' 69 | openconfig-spanning-tree:config: 70 | openconfig-spanning-tree:name: 'GigabitEthernet2/0' 71 | openconfig-spanning-tree:guard: ROOT 72 | openconfig-spanning-tree:link-type: P2P 73 | openconfig-spanning-tree:edge-port: EDGE_AUTO 74 | - openconfig-spanning-tree:name: 'GigabitEthernet2/1' 75 | openconfig-spanning-tree:config: 76 | openconfig-spanning-tree:name: 'GigabitEthernet2/1' 77 | openconfig-spanning-tree:guard: ROOT 78 | openconfig-spanning-tree:link-type: P2P 79 | openconfig-spanning-tree:edge-port: EDGE_AUTO 80 | - openconfig-spanning-tree:name: 'GigabitEthernet2/2' 81 | openconfig-spanning-tree:config: 82 | openconfig-spanning-tree:name: 'GigabitEthernet2/2' 83 | openconfig-spanning-tree:guard: ROOT 84 | openconfig-spanning-tree:link-type: P2P 85 | openconfig-spanning-tree:edge-port: EDGE_AUTO 86 | - openconfig-spanning-tree:name: 'GigabitEthernet2/3' 87 | openconfig-spanning-tree:config: 88 | openconfig-spanning-tree:name: 'GigabitEthernet2/3' 89 | openconfig-spanning-tree:guard: ROOT 90 | openconfig-spanning-tree:link-type: P2P 91 | openconfig-spanning-tree:edge-port: EDGE_AUTO 92 | - openconfig-spanning-tree:name: 'GigabitEthernet3/0' 93 | openconfig-spanning-tree:config: 94 | openconfig-spanning-tree:name: 'GigabitEthernet3/0' 95 | openconfig-spanning-tree:guard: ROOT 96 | openconfig-spanning-tree:link-type: P2P 97 | openconfig-spanning-tree:edge-port: EDGE_AUTO 98 | - openconfig-spanning-tree:name: 'GigabitEthernet3/1' 99 | openconfig-spanning-tree:config: 100 | openconfig-spanning-tree:name: 'GigabitEthernet3/1' 101 | openconfig-spanning-tree:guard: ROOT 102 | openconfig-spanning-tree:link-type: P2P 103 | openconfig-spanning-tree:edge-port: EDGE_AUTO 104 | - openconfig-spanning-tree:name: 'GigabitEthernet3/2' 105 | openconfig-spanning-tree:config: 106 | openconfig-spanning-tree:name: 'GigabitEthernet3/2' 107 | openconfig-spanning-tree:guard: ROOT 108 | openconfig-spanning-tree:link-type: P2P 109 | openconfig-spanning-tree:edge-port: EDGE_AUTO 110 | - openconfig-spanning-tree:name: 'GigabitEthernet3/3' 111 | openconfig-spanning-tree:config: 112 | openconfig-spanning-tree:name: 'GigabitEthernet3/3' 113 | openconfig-spanning-tree:guard: ROOT 114 | openconfig-spanning-tree:link-type: P2P 115 | openconfig-spanning-tree:edge-port: EDGE_AUTO 116 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw2/hq-sw2.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 3869 bytes 4 | ! 5 | ! Last configuration change at 17:42:54 UTC Sat Dec 11 2021 6 | ! 7 | version 15.2 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | no service password-encryption 11 | service compress-config 12 | ! 13 | hostname hq-sw2 14 | ! 15 | boot-start-marker 16 | boot-end-marker 17 | ! 18 | ! 19 | vrf definition Mgmt-intf 20 | ! 21 | address-family ipv4 22 | exit-address-family 23 | ! 24 | address-family ipv6 25 | exit-address-family 26 | ! 27 | ! 28 | username admin privilege 15 secret 5 $1$anOV$LsntczXb8N6azDF82QPjv1 29 | no aaa new-model 30 | ! 31 | ! 32 | ! 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ip domain-name cml.local 39 | ip cef 40 | no ipv6 cef 41 | ! 42 | ! 43 | ! 44 | spanning-tree mode pvst 45 | spanning-tree extend system-id 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | ! 53 | ! 54 | ! 55 | ! 56 | ! 57 | ! 58 | ! 59 | ! 60 | ! 61 | interface GigabitEthernet0/0 62 | switchport access vlan 10 63 | switchport mode access 64 | negotiation auto 65 | ! 66 | interface GigabitEthernet0/1 67 | switchport trunk encapsulation dot1q 68 | switchport mode trunk 69 | negotiation auto 70 | ! 71 | interface GigabitEthernet0/2 72 | switchport access vlan 10 73 | switchport mode access 74 | negotiation auto 75 | ! 76 | interface GigabitEthernet0/3 77 | negotiation auto 78 | ! 79 | interface GigabitEthernet1/0 80 | switchport access vlan 10 81 | switchport mode access 82 | negotiation auto 83 | ! 84 | interface GigabitEthernet1/1 85 | negotiation auto 86 | ! 87 | interface GigabitEthernet1/2 88 | negotiation auto 89 | ! 90 | interface GigabitEthernet1/3 91 | negotiation auto 92 | ! 93 | interface GigabitEthernet2/0 94 | negotiation auto 95 | ! 96 | interface GigabitEthernet2/1 97 | negotiation auto 98 | ! 99 | interface GigabitEthernet2/2 100 | negotiation auto 101 | ! 102 | interface GigabitEthernet2/3 103 | negotiation auto 104 | ! 105 | interface GigabitEthernet3/0 106 | negotiation auto 107 | ! 108 | interface GigabitEthernet3/1 109 | negotiation auto 110 | ! 111 | interface GigabitEthernet3/2 112 | negotiation auto 113 | ! 114 | interface GigabitEthernet3/3 115 | no switchport 116 | vrf forwarding Mgmt-intf 117 | ip address dhcp 118 | negotiation auto 119 | ! 120 | ip forward-protocol nd 121 | ! 122 | ip http server 123 | ip http secure-server 124 | ! 125 | ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr 126 | ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr 127 | ! 128 | ! 129 | ! 130 | ! 131 | ! 132 | ! 133 | control-plane 134 | ! 135 | banner exec ^C 136 | ************************************************************************** 137 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 138 | * education. IOSv is provided as-is and is not supported by Cisco's * 139 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 140 | * of the IOSv Software or Documentation to any third party for any * 141 | * purposes is expressly prohibited except as otherwise authorized by * 142 | * Cisco in writing. * 143 | **************************************************************************^C 144 | banner incoming ^C 145 | ************************************************************************** 146 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 147 | * education. IOSv is provided as-is and is not supported by Cisco's * 148 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 149 | * of the IOSv Software or Documentation to any third party for any * 150 | * purposes is expressly prohibited except as otherwise authorized by * 151 | * Cisco in writing. * 152 | **************************************************************************^C 153 | banner login ^C 154 | ************************************************************************** 155 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 156 | * education. IOSv is provided as-is and is not supported by Cisco's * 157 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 158 | * of the IOSv Software or Documentation to any third party for any * 159 | * purposes is expressly prohibited except as otherwise authorized by * 160 | * Cisco in writing. * 161 | **************************************************************************^C 162 | banner motd ^CWelcome to hq-sw2!^C 163 | ! 164 | line con 0 165 | line aux 0 166 | line vty 0 4 167 | login local 168 | transport input ssh 169 | ! 170 | ! 171 | end -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw2/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 172.16.255.4 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 172.16.255.4 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Vlan10 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:description: VLAN10 26 | openconfig-interfaces:enabled: true 27 | openconfig-interfaces:loopback-mode: false 28 | # openconfig-interfaces:mtu: 1500 29 | openconfig-interfaces:name: Vlan10 30 | openconfig-interfaces:type: l3ipvlan 31 | openconfig-vlan:routed-vlan: 32 | openconfig-vlan:config: 33 | openconfig-vlan:vlan: 10 34 | openconfig-if-ip:ipv4: 35 | openconfig-if-ip:addresses: 36 | openconfig-if-ip:address: 37 | - openconfig-if-ip:ip: 172.16.0.12 38 | openconfig-if-ip:config: 39 | openconfig-if-ip:ip: 172.16.0.12 40 | openconfig-if-ip:prefix-length: 24 41 | - openconfig-interfaces:name: GigabitEthernet0/0 42 | openconfig-interfaces:config: 43 | openconfig-interfaces:enabled: true 44 | openconfig-interfaces:name: GigabitEthernet0/0 45 | openconfig-interfaces:type: ethernetCsmacd 46 | openconfig-interfaces:subinterfaces: 47 | openconfig-interfaces:subinterface: 48 | - openconfig-interfaces:index: 0 49 | openconfig-interfaces:config: 50 | openconfig-interfaces:index: 0 51 | openconfig-if-ip:ipv4: 52 | openconfig-if-ip:config: 53 | openconfig-if-ip:dhcp-client: true 54 | - openconfig-interfaces:name: GigabitEthernet0/1 55 | openconfig-interfaces:config: 56 | openconfig-interfaces:enabled: true 57 | openconfig-interfaces:name: GigabitEthernet0/1 58 | openconfig-interfaces:type: l2vlan 59 | openconfig-if-ethernet:ethernet: 60 | openconfig-vlan:switched-vlan: 61 | openconfig-vlan:config: 62 | openconfig-vlan:interface-mode: TRUNK 63 | - openconfig-interfaces:name: GigabitEthernet0/2 64 | openconfig-interfaces:config: 65 | openconfig-interfaces:enabled: true 66 | openconfig-interfaces:name: GigabitEthernet0/2 67 | openconfig-interfaces:type: l2vlan 68 | openconfig-if-ethernet:ethernet: 69 | openconfig-vlan:switched-vlan: 70 | openconfig-vlan:config: 71 | openconfig-vlan:interface-mode: TRUNK 72 | - openconfig-interfaces:name: GigabitEthernet0/3 73 | openconfig-interfaces:config: 74 | openconfig-interfaces:enabled: true 75 | openconfig-interfaces:name: GigabitEthernet0/3 76 | openconfig-interfaces:type: l2vlan 77 | openconfig-if-ethernet:ethernet: 78 | openconfig-vlan:switched-vlan: 79 | openconfig-vlan:config: 80 | openconfig-vlan:access-vlan: 10 81 | openconfig-vlan:interface-mode: ACCESS 82 | - openconfig-interfaces:name: GigabitEthernet1/0 83 | openconfig-interfaces:config: 84 | openconfig-interfaces:enabled: true 85 | openconfig-interfaces:name: GigabitEthernet1/0 86 | openconfig-interfaces:type: ethernetCsmacd 87 | - openconfig-interfaces:name: GigabitEthernet1/1 88 | openconfig-interfaces:config: 89 | openconfig-interfaces:enabled: true 90 | openconfig-interfaces:name: GigabitEthernet1/1 91 | openconfig-interfaces:type: ethernetCsmacd 92 | - openconfig-interfaces:name: GigabitEthernet1/2 93 | openconfig-interfaces:config: 94 | openconfig-interfaces:enabled: true 95 | openconfig-interfaces:name: GigabitEthernet1/2 96 | openconfig-interfaces:type: ethernetCsmacd 97 | - openconfig-interfaces:name: GigabitEthernet1/3 98 | openconfig-interfaces:config: 99 | openconfig-interfaces:enabled: true 100 | openconfig-interfaces:name: GigabitEthernet1/3 101 | openconfig-interfaces:type: ethernetCsmacd 102 | - openconfig-interfaces:name: GigabitEthernet2/0 103 | openconfig-interfaces:config: 104 | openconfig-interfaces:enabled: true 105 | openconfig-interfaces:name: GigabitEthernet2/0 106 | openconfig-interfaces:type: ethernetCsmacd 107 | - openconfig-interfaces:name: GigabitEthernet2/1 108 | openconfig-interfaces:config: 109 | openconfig-interfaces:enabled: true 110 | openconfig-interfaces:name: GigabitEthernet2/1 111 | openconfig-interfaces:type: ethernetCsmacd 112 | - openconfig-interfaces:name: GigabitEthernet2/2 113 | openconfig-interfaces:config: 114 | openconfig-interfaces:enabled: true 115 | openconfig-interfaces:name: GigabitEthernet2/2 116 | openconfig-interfaces:type: ethernetCsmacd 117 | - openconfig-interfaces:name: GigabitEthernet2/3 118 | openconfig-interfaces:config: 119 | openconfig-interfaces:enabled: true 120 | openconfig-interfaces:name: GigabitEthernet2/3 121 | openconfig-interfaces:type: ethernetCsmacd 122 | - openconfig-interfaces:name: GigabitEthernet3/0 123 | openconfig-interfaces:config: 124 | openconfig-interfaces:enabled: true 125 | openconfig-interfaces:name: GigabitEthernet3/0 126 | openconfig-interfaces:type: ethernetCsmacd 127 | - openconfig-interfaces:name: GigabitEthernet3/1 128 | openconfig-interfaces:config: 129 | openconfig-interfaces:enabled: true 130 | openconfig-interfaces:name: GigabitEthernet3/1 131 | openconfig-interfaces:type: ethernetCsmacd 132 | - openconfig-interfaces:name: GigabitEthernet3/2 133 | openconfig-interfaces:config: 134 | openconfig-interfaces:enabled: true 135 | openconfig-interfaces:name: GigabitEthernet3/2 136 | openconfig-interfaces:type: ethernetCsmacd 137 | - openconfig-interfaces:name: GigabitEthernet3/3 138 | openconfig-interfaces:config: 139 | openconfig-interfaces:enabled: true 140 | openconfig-interfaces:name: GigabitEthernet3/3 141 | openconfig-interfaces:type: ethernetCsmacd 142 | openconfig-network-instance:network-instances: 143 | openconfig-network-instance:network-instance: 144 | - openconfig-network-instance:name: Mgmt-intf 145 | openconfig-network-instance:config: 146 | openconfig-network-instance:name: Mgmt-intf 147 | openconfig-network-instance:type: L3VRF 148 | openconfig-network-instance:enabled: true 149 | openconfig-network-instance:enabled-address-families: 150 | - IPV4 151 | - IPV6 152 | openconfig-network-instance:interfaces: 153 | openconfig-network-instance:interface: 154 | - openconfig-network-instance:id: GigabitEthernet0/0 155 | openconfig-network-instance:config: 156 | openconfig-network-instance:id: GigabitEthernet0/0 157 | openconfig-network-instance:interface: GigabitEthernet0/0 158 | openconfig-network-instance:subinterface: 0 159 | mdd_tags: 160 | - all 161 | -------------------------------------------------------------------------------- /mdd-data/org/region1/hq/hq-sw2/oc-stp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-spanning-tree:stp: 7 | openconfig-spanning-tree:global: 8 | openconfig-spanning-tree:config: 9 | openconfig-spanning-tree:enabled-protocol: 10 | - RAPID_PVST 11 | openconfig-spanning-tree:rapid-pvst: 12 | openconfig-spanning-tree:vlan: 13 | - openconfig-spanning-tree:vlan-id: 10 14 | openconfig-spanning-tree:config: 15 | openconfig-spanning-tree:vlan-id: 10 16 | openconfig-spanning-tree:bridge-priority: 32768 17 | - openconfig-spanning-tree:vlan-id: 100 18 | openconfig-spanning-tree:config: 19 | openconfig-spanning-tree:vlan-id: 100 20 | openconfig-spanning-tree:bridge-priority: 32768 21 | - openconfig-spanning-tree:vlan-id: 101 22 | openconfig-spanning-tree:config: 23 | openconfig-spanning-tree:vlan-id: 101 24 | openconfig-spanning-tree:bridge-priority: 32768 25 | openconfig-spanning-tree:interfaces: 26 | openconfig-spanning-tree:interface: 27 | - openconfig-spanning-tree:name: 'GigabitEthernet0/1' 28 | openconfig-spanning-tree:config: 29 | openconfig-spanning-tree:name: 'GigabitEthernet0/1' 30 | openconfig-spanning-tree:guard: ROOT 31 | openconfig-spanning-tree:link-type: P2P 32 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 33 | - openconfig-spanning-tree:name: 'GigabitEthernet0/2' 34 | openconfig-spanning-tree:config: 35 | openconfig-spanning-tree:name: 'GigabitEthernet0/2' 36 | openconfig-spanning-tree:link-type: P2P 37 | openconfig-spanning-tree:edge-port: EDGE_DISABLE 38 | - openconfig-spanning-tree:name: 'GigabitEthernet0/3' 39 | openconfig-spanning-tree:config: 40 | openconfig-spanning-tree:name: 'GigabitEthernet0/3' 41 | openconfig-spanning-tree:guard: ROOT 42 | openconfig-spanning-tree:link-type: P2P 43 | openconfig-spanning-tree:edge-port: EDGE_AUTO 44 | - openconfig-spanning-tree:name: 'GigabitEthernet1/0' 45 | openconfig-spanning-tree:config: 46 | openconfig-spanning-tree:name: 'GigabitEthernet1/0' 47 | openconfig-spanning-tree:guard: ROOT 48 | openconfig-spanning-tree:link-type: P2P 49 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 50 | - openconfig-spanning-tree:name: 'GigabitEthernet1/1' 51 | openconfig-spanning-tree:config: 52 | openconfig-spanning-tree:name: 'GigabitEthernet1/1' 53 | openconfig-spanning-tree:guard: ROOT 54 | openconfig-spanning-tree:link-type: P2P 55 | openconfig-spanning-tree:edge-port: EDGE_AUTO 56 | - openconfig-spanning-tree:name: 'GigabitEthernet1/2' 57 | openconfig-spanning-tree:config: 58 | openconfig-spanning-tree:name: 'GigabitEthernet1/2' 59 | openconfig-spanning-tree:guard: ROOT 60 | openconfig-spanning-tree:link-type: P2P 61 | openconfig-spanning-tree:edge-port: EDGE_AUTO 62 | - openconfig-spanning-tree:name: 'GigabitEthernet1/3' 63 | openconfig-spanning-tree:config: 64 | openconfig-spanning-tree:name: 'GigabitEthernet1/3' 65 | openconfig-spanning-tree:guard: ROOT 66 | openconfig-spanning-tree:link-type: P2P 67 | openconfig-spanning-tree:edge-port: EDGE_AUTO 68 | - openconfig-spanning-tree:name: 'GigabitEthernet2/0' 69 | openconfig-spanning-tree:config: 70 | openconfig-spanning-tree:name: 'GigabitEthernet2/0' 71 | openconfig-spanning-tree:guard: ROOT 72 | openconfig-spanning-tree:link-type: P2P 73 | openconfig-spanning-tree:edge-port: EDGE_AUTO 74 | - openconfig-spanning-tree:name: 'GigabitEthernet2/1' 75 | openconfig-spanning-tree:config: 76 | openconfig-spanning-tree:name: 'GigabitEthernet2/1' 77 | openconfig-spanning-tree:guard: ROOT 78 | openconfig-spanning-tree:link-type: P2P 79 | openconfig-spanning-tree:edge-port: EDGE_AUTO 80 | - openconfig-spanning-tree:name: 'GigabitEthernet2/2' 81 | openconfig-spanning-tree:config: 82 | openconfig-spanning-tree:name: 'GigabitEthernet2/2' 83 | openconfig-spanning-tree:guard: ROOT 84 | openconfig-spanning-tree:link-type: P2P 85 | openconfig-spanning-tree:edge-port: EDGE_AUTO 86 | - openconfig-spanning-tree:name: 'GigabitEthernet2/3' 87 | openconfig-spanning-tree:config: 88 | openconfig-spanning-tree:name: 'GigabitEthernet2/3' 89 | openconfig-spanning-tree:guard: ROOT 90 | openconfig-spanning-tree:link-type: P2P 91 | openconfig-spanning-tree:edge-port: EDGE_AUTO 92 | - openconfig-spanning-tree:name: 'GigabitEthernet3/0' 93 | openconfig-spanning-tree:config: 94 | openconfig-spanning-tree:name: 'GigabitEthernet3/0' 95 | openconfig-spanning-tree:guard: ROOT 96 | openconfig-spanning-tree:link-type: P2P 97 | openconfig-spanning-tree:edge-port: EDGE_AUTO 98 | - openconfig-spanning-tree:name: 'GigabitEthernet3/1' 99 | openconfig-spanning-tree:config: 100 | openconfig-spanning-tree:name: 'GigabitEthernet3/1' 101 | openconfig-spanning-tree:guard: ROOT 102 | openconfig-spanning-tree:link-type: P2P 103 | openconfig-spanning-tree:edge-port: EDGE_AUTO 104 | - openconfig-spanning-tree:name: 'GigabitEthernet3/2' 105 | openconfig-spanning-tree:config: 106 | openconfig-spanning-tree:name: 'GigabitEthernet3/2' 107 | openconfig-spanning-tree:guard: ROOT 108 | openconfig-spanning-tree:link-type: P2P 109 | openconfig-spanning-tree:edge-port: EDGE_AUTO 110 | - openconfig-spanning-tree:name: 'GigabitEthernet3/3' 111 | openconfig-spanning-tree:config: 112 | openconfig-spanning-tree:name: 'GigabitEthernet3/3' 113 | openconfig-spanning-tree:guard: ROOT 114 | openconfig-spanning-tree:link-type: P2P 115 | openconfig-spanning-tree:edge-port: EDGE_AUTO 116 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:mpls: 8 | openconfig-network-instance:signaling-protocols: 9 | openconfig-network-instance:ldp: 10 | openconfig-network-instance:global: 11 | openconfig-network-instance:config: 12 | openconfig-network-instance:lsr-id: 10.255.255.13 13 | openconfig-network-instance:protocols: 14 | openconfig-network-instance:protocol: 15 | - openconfig-network-instance:identifier: BGP 16 | openconfig-network-instance:name: BGP 17 | openconfig-network-instance:bgp: 18 | openconfig-network-instance:global: 19 | openconfig-network-instance:config: 20 | openconfig-network-instance:router-id: 10.255.255.13 21 | mdd_tags: 22 | - bgp 23 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-rtr1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 192.168.255.1 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 192.168.255.1 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Loopback100 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: Loopback100 27 | openconfig-interfaces:type: softwareLoopback 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:addresses: 35 | openconfig-if-ip:address: 36 | - openconfig-if-ip:ip: 10.255.255.13 37 | openconfig-if-ip:config: 38 | openconfig-if-ip:ip: 10.255.255.13 39 | openconfig-if-ip:prefix-length: 32 40 | - openconfig-interfaces:name: GigabitEthernet1 41 | openconfig-interfaces:config: 42 | openconfig-interfaces:enabled: true 43 | openconfig-interfaces:name: GigabitEthernet1 44 | openconfig-interfaces:type: ethernetCsmacd 45 | openconfig-interfaces:subinterfaces: 46 | openconfig-interfaces:subinterface: 47 | - openconfig-interfaces:index: 0 48 | openconfig-interfaces:config: 49 | openconfig-interfaces:index: 0 50 | openconfig-if-ip:ipv4: 51 | openconfig-if-ip:config: 52 | openconfig-if-ip:dhcp-client: true 53 | - openconfig-interfaces:name: GigabitEthernet2 54 | openconfig-interfaces:config: 55 | openconfig-interfaces:enabled: true 56 | openconfig-interfaces:name: GigabitEthernet2 57 | openconfig-interfaces:type: ethernetCsmacd 58 | openconfig-interfaces:subinterfaces: 59 | openconfig-interfaces:subinterface: 60 | - openconfig-interfaces:index: 0 61 | openconfig-interfaces:config: 62 | openconfig-interfaces:index: 0 63 | openconfig-if-ip:ipv4: 64 | openconfig-if-ip:addresses: 65 | openconfig-if-ip:address: 66 | - openconfig-if-ip:ip: 10.0.0.10 67 | openconfig-if-ip:config: 68 | openconfig-if-ip:ip: 10.0.0.10 69 | openconfig-if-ip:prefix-length: 30 70 | - openconfig-interfaces:name: GigabitEthernet3 71 | openconfig-interfaces:config: 72 | openconfig-interfaces:description: 802.1q Trunk 73 | openconfig-interfaces:enabled: true 74 | openconfig-interfaces:name: GigabitEthernet3 75 | openconfig-interfaces:type: ethernetCsmacd 76 | openconfig-interfaces:subinterfaces: 77 | openconfig-interfaces:subinterface: 78 | - openconfig-interfaces:index: 10 79 | openconfig-interfaces:config: 80 | openconfig-interfaces:description: VLAN10 81 | openconfig-interfaces:enabled: true 82 | openconfig-interfaces:index: 10 83 | openconfig-if-ip:ipv4: 84 | openconfig-if-ip:addresses: 85 | openconfig-if-ip:address: 86 | - openconfig-if-ip:ip: 192.168.1.1 87 | openconfig-if-ip:config: 88 | openconfig-if-ip:ip: 192.168.1.1 89 | openconfig-if-ip:prefix-length: 24 90 | openconfig-vlan:vlan: 91 | openconfig-vlan:config: 92 | openconfig-vlan:vlan-id: 10 93 | - openconfig-interfaces:name: GigabitEthernet4 94 | openconfig-interfaces:config: 95 | openconfig-interfaces:enabled: false 96 | openconfig-interfaces:name: GigabitEthernet4 97 | openconfig-interfaces:type: ethernetCsmacd 98 | - openconfig-interfaces:name: GigabitEthernet5 99 | openconfig-interfaces:config: 100 | openconfig-interfaces:enabled: false 101 | openconfig-interfaces:name: GigabitEthernet5 102 | openconfig-interfaces:type: ethernetCsmacd 103 | - openconfig-interfaces:name: GigabitEthernet6 104 | openconfig-interfaces:config: 105 | openconfig-interfaces:enabled: false 106 | openconfig-interfaces:name: GigabitEthernet6 107 | openconfig-interfaces:type: ethernetCsmacd 108 | - openconfig-interfaces:name: GigabitEthernet7 109 | openconfig-interfaces:config: 110 | openconfig-interfaces:enabled: false 111 | openconfig-interfaces:name: GigabitEthernet7 112 | openconfig-interfaces:type: ethernetCsmacd 113 | - openconfig-interfaces:name: GigabitEthernet8 114 | openconfig-interfaces:config: 115 | openconfig-interfaces:enabled: false 116 | openconfig-interfaces:name: GigabitEthernet8 117 | openconfig-interfaces:type: ethernetCsmacd 118 | mdd_tags: 119 | - all 120 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-rtr1/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:mpls: 8 | openconfig-network-instance:signaling-protocols: 9 | openconfig-network-instance:ldp: 10 | openconfig-network-instance:global: 11 | openconfig-network-instance:config: 12 | openconfig-network-instance:lsr-id: 10.255.255.13 13 | openconfig-network-instance:protocols: 14 | openconfig-network-instance:protocol: 15 | - openconfig-network-instance:identifier: BGP 16 | openconfig-network-instance:name: BGP 17 | openconfig-network-instance:bgp: 18 | openconfig-network-instance:global: 19 | openconfig-network-instance:config: 20 | openconfig-network-instance:router-id: 10.255.255.13 21 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-rtr1/site1-rtr1.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 4763 bytes 4 | ! 5 | ! Last configuration change at 16:46:16 UTC Mon Dec 13 2021 6 | ! 7 | version 17.6 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | ! Call-home is enabled by Smart-Licensing. 11 | service call-home 12 | platform qfp utilization monitor load 80 13 | platform punt-keepalive disable-kernel-core 14 | platform console serial 15 | ! 16 | hostname site1-rtr1 17 | ! 18 | boot-start-marker 19 | boot-end-marker 20 | ! 21 | ! 22 | vrf definition Mgmt-intf 23 | ! 24 | address-family ipv4 25 | exit-address-family 26 | ! 27 | address-family ipv6 28 | exit-address-family 29 | ! 30 | no logging console 31 | ! 32 | no aaa new-model 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ! 39 | ! 40 | ip domain name cml.local 41 | ! 42 | ! 43 | ! 44 | login on-success log 45 | ! 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | subscriber templating 53 | ! 54 | multilink bundle-name authenticated 55 | ! 56 | ! 57 | ! 58 | crypto pki trustpoint SLA-TrustPoint 59 | enrollment pkcs12 60 | revocation-check crl 61 | ! 62 | ! 63 | crypto pki certificate chain SLA-TrustPoint 64 | certificate ca 01 65 | 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 66 | 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 67 | 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 68 | 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 69 | 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 70 | 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 71 | 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D 72 | CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 73 | 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE 74 | 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC 75 | 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 76 | 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 77 | C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 78 | C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 79 | DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 80 | 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 81 | 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 82 | 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 83 | 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B 84 | D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 85 | 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C 86 | 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B 87 | 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 88 | 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB 89 | 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 90 | D697DF7F 28 91 | quit 92 | ! 93 | license udi pid C8000V sn 9STGVOOYFWF 94 | diagnostic bootup level minimal 95 | memory free low-watermark processor 68484 96 | ! 97 | ! 98 | username admin privilege 15 secret 9 $9$gqGK1hsYhl3vmU$IKCJUpapPpkG7HC8XIaVSjcdq/VK/CtEoxD66x9jbrw 99 | ! 100 | redundancy 101 | ! 102 | ! 103 | ! 104 | ! 105 | ! 106 | ! 107 | ! 108 | ! 109 | ! 110 | interface Loopback0 111 | ip address 192.168.255.1 255.255.255.255 112 | ! 113 | interface GigabitEthernet1 114 | ip address 10.0.0.10 255.255.255.252 115 | negotiation auto 116 | ! 117 | interface GigabitEthernet2 118 | ip address 192.168.1.1 255.255.255.0 119 | negotiation auto 120 | ! 121 | interface GigabitEthernet3 122 | no ip address 123 | negotiation auto 124 | ! 125 | interface GigabitEthernet4 126 | no ip address 127 | shutdown 128 | negotiation auto 129 | ! 130 | interface GigabitEthernet5 131 | no ip address 132 | shutdown 133 | negotiation auto 134 | ! 135 | interface GigabitEthernet6 136 | no ip address 137 | shutdown 138 | negotiation auto 139 | ! 140 | interface GigabitEthernet7 141 | no ip address 142 | shutdown 143 | negotiation auto 144 | ! 145 | interface GigabitEthernet8 146 | vrf forwarding Mgmt-intf 147 | ip address dhcp 148 | negotiation auto 149 | ! 150 | router ospf 65101 151 | router-id 192.168.255.1 152 | network 192.168.1.0 0.0.0.255 area 0 153 | network 192.168.255.1 0.0.0.0 area 0 154 | default-information originate 155 | ! 156 | router bgp 65101 157 | bgp router-id 192.168.255.1 158 | bgp log-neighbor-changes 159 | neighbor 10.0.0.9 remote-as 65000 160 | ! 161 | address-family ipv4 162 | network 192.168.1.0 163 | network 192.168.255.1 mask 255.255.255.255 164 | neighbor 10.0.0.9 activate 165 | neighbor 10.0.0.9 next-hop-self 166 | exit-address-family 167 | ! 168 | ip forward-protocol nd 169 | no ip http server 170 | ip http secure-server 171 | ! 172 | ip route 192.168.1.0 255.255.255.0 Null0 173 | ! 174 | ! 175 | ! 176 | ! 177 | ! 178 | control-plane 179 | ! 180 | banner motd ^CWelcome to site1-rtr1!^C 181 | ! 182 | line con 0 183 | exec-timeout 0 0 184 | stopbits 1 185 | line aux 0 186 | line vty 0 4 187 | login local 188 | transport input ssh 189 | ! 190 | call-home 191 | ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com 192 | ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications. 193 | contact-email-addr sch-smart-licensing@cisco.com 194 | profile "CiscoTAC-1" 195 | active 196 | destination transport-method http 197 | ntp server 192.5.41.40 198 | ntp server 192.5.41.41 199 | ! 200 | ! 201 | ! 202 | ! 203 | ! 204 | ! 205 | end -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-sw1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: GigabitEthernet0/0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: GigabitEthernet0/0 10 | openconfig-interfaces:type: ethernetCsmacd 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:config: 18 | openconfig-if-ip:dhcp-client: true 19 | - openconfig-interfaces:name: GigabitEthernet0/1 20 | openconfig-interfaces:config: 21 | openconfig-interfaces:enabled: true 22 | openconfig-interfaces:name: GigabitEthernet0/1 23 | openconfig-interfaces:type: l2vlan 24 | openconfig-if-ethernet:ethernet: 25 | openconfig-vlan:switched-vlan: 26 | openconfig-vlan:config: 27 | openconfig-vlan:interface-mode: TRUNK 28 | openconfig-vlan:native-vlan: 1 29 | openconfig-vlan:trunk-vlans: 30 | - 10 31 | - openconfig-interfaces:name: GigabitEthernet0/2 32 | openconfig-interfaces:config: 33 | openconfig-interfaces:enabled: true 34 | openconfig-interfaces:name: GigabitEthernet0/2 35 | openconfig-interfaces:type: l2vlan 36 | openconfig-if-ethernet:ethernet: 37 | openconfig-vlan:switched-vlan: 38 | openconfig-vlan:config: 39 | openconfig-vlan:access-vlan: 10 40 | openconfig-vlan:interface-mode: ACCESS 41 | - openconfig-interfaces:name: GigabitEthernet0/3 42 | openconfig-interfaces:config: 43 | openconfig-interfaces:enabled: true 44 | openconfig-interfaces:name: GigabitEthernet0/3 45 | openconfig-interfaces:type: ethernetCsmacd 46 | - openconfig-interfaces:name: GigabitEthernet1/0 47 | openconfig-interfaces:config: 48 | openconfig-interfaces:enabled: true 49 | openconfig-interfaces:name: GigabitEthernet1/0 50 | openconfig-interfaces:type: ethernetCsmacd 51 | - openconfig-interfaces:name: GigabitEthernet1/1 52 | openconfig-interfaces:config: 53 | openconfig-interfaces:enabled: true 54 | openconfig-interfaces:name: GigabitEthernet1/1 55 | openconfig-interfaces:type: ethernetCsmacd 56 | - openconfig-interfaces:name: GigabitEthernet1/2 57 | openconfig-interfaces:config: 58 | openconfig-interfaces:enabled: true 59 | openconfig-interfaces:name: GigabitEthernet1/2 60 | openconfig-interfaces:type: ethernetCsmacd 61 | - openconfig-interfaces:name: GigabitEthernet1/3 62 | openconfig-interfaces:config: 63 | openconfig-interfaces:enabled: true 64 | openconfig-interfaces:name: GigabitEthernet1/3 65 | openconfig-interfaces:type: ethernetCsmacd 66 | - openconfig-interfaces:name: GigabitEthernet2/0 67 | openconfig-interfaces:config: 68 | openconfig-interfaces:enabled: true 69 | openconfig-interfaces:name: GigabitEthernet2/0 70 | openconfig-interfaces:type: ethernetCsmacd 71 | - openconfig-interfaces:name: GigabitEthernet2/1 72 | openconfig-interfaces:config: 73 | openconfig-interfaces:enabled: true 74 | openconfig-interfaces:name: GigabitEthernet2/1 75 | openconfig-interfaces:type: ethernetCsmacd 76 | - openconfig-interfaces:name: GigabitEthernet2/2 77 | openconfig-interfaces:config: 78 | openconfig-interfaces:enabled: true 79 | openconfig-interfaces:name: GigabitEthernet2/2 80 | openconfig-interfaces:type: ethernetCsmacd 81 | - openconfig-interfaces:name: GigabitEthernet2/3 82 | openconfig-interfaces:config: 83 | openconfig-interfaces:enabled: true 84 | openconfig-interfaces:name: GigabitEthernet2/3 85 | openconfig-interfaces:type: ethernetCsmacd 86 | - openconfig-interfaces:name: GigabitEthernet3/0 87 | openconfig-interfaces:config: 88 | openconfig-interfaces:enabled: true 89 | openconfig-interfaces:name: GigabitEthernet3/0 90 | openconfig-interfaces:type: ethernetCsmacd 91 | - openconfig-interfaces:name: GigabitEthernet3/1 92 | openconfig-interfaces:config: 93 | openconfig-interfaces:enabled: true 94 | openconfig-interfaces:name: GigabitEthernet3/1 95 | openconfig-interfaces:type: ethernetCsmacd 96 | - openconfig-interfaces:name: GigabitEthernet3/2 97 | openconfig-interfaces:config: 98 | openconfig-interfaces:enabled: true 99 | openconfig-interfaces:name: GigabitEthernet3/2 100 | openconfig-interfaces:type: ethernetCsmacd 101 | - openconfig-interfaces:name: GigabitEthernet3/3 102 | openconfig-interfaces:config: 103 | openconfig-interfaces:enabled: true 104 | openconfig-interfaces:name: GigabitEthernet3/3 105 | openconfig-interfaces:type: ethernetCsmacd 106 | openconfig-network-instance:network-instances: 107 | openconfig-network-instance:network-instance: 108 | - openconfig-network-instance:name: Mgmt-intf 109 | openconfig-network-instance:config: 110 | openconfig-network-instance:name: Mgmt-intf 111 | openconfig-network-instance:type: L3VRF 112 | openconfig-network-instance:enabled: true 113 | openconfig-network-instance:enabled-address-families: 114 | - IPV4 115 | - IPV6 116 | openconfig-network-instance:interfaces: 117 | openconfig-network-instance:interface: 118 | - openconfig-network-instance:id: GigabitEthernet0/0 119 | openconfig-network-instance:config: 120 | openconfig-network-instance:id: GigabitEthernet0/0 121 | openconfig-network-instance:interface: GigabitEthernet0/0 122 | openconfig-network-instance:subinterface: 0 123 | mdd_tags: 124 | - all 125 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-sw1/oc-stp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-spanning-tree:stp: 7 | openconfig-spanning-tree:global: 8 | openconfig-spanning-tree:config: 9 | openconfig-spanning-tree:enabled-protocol: 10 | - RAPID_PVST 11 | openconfig-spanning-tree:interfaces: 12 | openconfig-spanning-tree:interface: 13 | - openconfig-spanning-tree:name: 'GigabitEthernet0/1' 14 | openconfig-spanning-tree:config: 15 | openconfig-spanning-tree:name: 'GigabitEthernet0/1' 16 | openconfig-spanning-tree:guard: ROOT 17 | openconfig-spanning-tree:link-type: P2P 18 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 19 | - openconfig-spanning-tree:name: 'GigabitEthernet0/2' 20 | openconfig-spanning-tree:config: 21 | openconfig-spanning-tree:name: 'GigabitEthernet0/2' 22 | openconfig-spanning-tree:guard: ROOT 23 | openconfig-spanning-tree:link-type: P2P 24 | openconfig-spanning-tree:edge-port: EDGE_AUTO 25 | - openconfig-spanning-tree:name: 'GigabitEthernet0/3' 26 | openconfig-spanning-tree:config: 27 | openconfig-spanning-tree:name: 'GigabitEthernet0/3' 28 | openconfig-spanning-tree:guard: ROOT 29 | openconfig-spanning-tree:link-type: P2P 30 | openconfig-spanning-tree:edge-port: EDGE_AUTO 31 | - openconfig-spanning-tree:name: 'GigabitEthernet1/0' 32 | openconfig-spanning-tree:config: 33 | openconfig-spanning-tree:name: 'GigabitEthernet1/0' 34 | openconfig-spanning-tree:guard: ROOT 35 | openconfig-spanning-tree:link-type: P2P 36 | openconfig-spanning-tree:edge-port: EDGE_AUTO 37 | - openconfig-spanning-tree:name: 'GigabitEthernet1/1' 38 | openconfig-spanning-tree:config: 39 | openconfig-spanning-tree:name: 'GigabitEthernet1/1' 40 | openconfig-spanning-tree:guard: ROOT 41 | openconfig-spanning-tree:link-type: P2P 42 | openconfig-spanning-tree:edge-port: EDGE_AUTO 43 | - openconfig-spanning-tree:name: 'GigabitEthernet1/2' 44 | openconfig-spanning-tree:config: 45 | openconfig-spanning-tree:name: 'GigabitEthernet1/2' 46 | openconfig-spanning-tree:guard: ROOT 47 | openconfig-spanning-tree:link-type: P2P 48 | openconfig-spanning-tree:edge-port: EDGE_AUTO 49 | - openconfig-spanning-tree:name: 'GigabitEthernet1/3' 50 | openconfig-spanning-tree:config: 51 | openconfig-spanning-tree:name: 'GigabitEthernet1/3' 52 | openconfig-spanning-tree:guard: ROOT 53 | openconfig-spanning-tree:link-type: P2P 54 | openconfig-spanning-tree:edge-port: EDGE_AUTO 55 | - openconfig-spanning-tree:name: 'GigabitEthernet2/0' 56 | openconfig-spanning-tree:config: 57 | openconfig-spanning-tree:name: 'GigabitEthernet2/0' 58 | openconfig-spanning-tree:guard: ROOT 59 | openconfig-spanning-tree:link-type: P2P 60 | openconfig-spanning-tree:edge-port: EDGE_AUTO 61 | - openconfig-spanning-tree:name: 'GigabitEthernet2/1' 62 | openconfig-spanning-tree:config: 63 | openconfig-spanning-tree:name: 'GigabitEthernet2/1' 64 | openconfig-spanning-tree:guard: ROOT 65 | openconfig-spanning-tree:link-type: P2P 66 | openconfig-spanning-tree:edge-port: EDGE_AUTO 67 | - openconfig-spanning-tree:name: 'GigabitEthernet2/2' 68 | openconfig-spanning-tree:config: 69 | openconfig-spanning-tree:name: 'GigabitEthernet2/2' 70 | openconfig-spanning-tree:guard: ROOT 71 | openconfig-spanning-tree:link-type: P2P 72 | openconfig-spanning-tree:edge-port: EDGE_AUTO 73 | - openconfig-spanning-tree:name: 'GigabitEthernet2/3' 74 | openconfig-spanning-tree:config: 75 | openconfig-spanning-tree:name: 'GigabitEthernet2/3' 76 | openconfig-spanning-tree:guard: ROOT 77 | openconfig-spanning-tree:link-type: P2P 78 | openconfig-spanning-tree:edge-port: EDGE_AUTO 79 | - openconfig-spanning-tree:name: 'GigabitEthernet3/0' 80 | openconfig-spanning-tree:config: 81 | openconfig-spanning-tree:name: 'GigabitEthernet3/0' 82 | openconfig-spanning-tree:guard: ROOT 83 | openconfig-spanning-tree:link-type: P2P 84 | openconfig-spanning-tree:edge-port: EDGE_AUTO 85 | - openconfig-spanning-tree:name: 'GigabitEthernet3/1' 86 | openconfig-spanning-tree:config: 87 | openconfig-spanning-tree:name: 'GigabitEthernet3/1' 88 | openconfig-spanning-tree:guard: ROOT 89 | openconfig-spanning-tree:link-type: P2P 90 | openconfig-spanning-tree:edge-port: EDGE_AUTO 91 | - openconfig-spanning-tree:name: 'GigabitEthernet3/2' 92 | openconfig-spanning-tree:config: 93 | openconfig-spanning-tree:name: 'GigabitEthernet3/2' 94 | openconfig-spanning-tree:guard: ROOT 95 | openconfig-spanning-tree:link-type: P2P 96 | openconfig-spanning-tree:edge-port: EDGE_AUTO 97 | - openconfig-spanning-tree:name: 'GigabitEthernet3/3' 98 | openconfig-spanning-tree:config: 99 | openconfig-spanning-tree:name: 'GigabitEthernet3/3' 100 | openconfig-spanning-tree:guard: ROOT 101 | openconfig-spanning-tree:link-type: P2P 102 | openconfig-spanning-tree:edge-port: EDGE_AUTO 103 | -------------------------------------------------------------------------------- /mdd-data/org/region1/site1/site1-sw1/site1-sw1.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 3763 bytes 4 | ! 5 | ! Last configuration change at 17:42:39 UTC Sat Dec 11 2021 6 | ! 7 | version 15.2 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | no service password-encryption 11 | service compress-config 12 | ! 13 | hostname site1-sw1 14 | ! 15 | boot-start-marker 16 | boot-end-marker 17 | ! 18 | ! 19 | vrf definition Mgmt-intf 20 | ! 21 | address-family ipv4 22 | exit-address-family 23 | ! 24 | address-family ipv6 25 | exit-address-family 26 | ! 27 | ! 28 | username admin privilege 15 secret 5 $1$.Ncj$c/MzRhnqQoxl0LECcHOr91 29 | no aaa new-model 30 | ! 31 | ! 32 | ! 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ip domain-name cml.local 39 | ip cef 40 | no ipv6 cef 41 | ! 42 | ! 43 | ! 44 | spanning-tree mode pvst 45 | spanning-tree extend system-id 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | ! 53 | ! 54 | ! 55 | ! 56 | ! 57 | ! 58 | ! 59 | ! 60 | ! 61 | interface GigabitEthernet0/0 62 | switchport access vlan 10 63 | switchport mode access 64 | negotiation auto 65 | ! 66 | interface GigabitEthernet0/1 67 | negotiation auto 68 | ! 69 | interface GigabitEthernet0/2 70 | negotiation auto 71 | ! 72 | interface GigabitEthernet0/3 73 | negotiation auto 74 | ! 75 | interface GigabitEthernet1/0 76 | switchport access vlan 10 77 | switchport mode access 78 | negotiation auto 79 | ! 80 | interface GigabitEthernet1/1 81 | negotiation auto 82 | ! 83 | interface GigabitEthernet1/2 84 | negotiation auto 85 | ! 86 | interface GigabitEthernet1/3 87 | negotiation auto 88 | ! 89 | interface GigabitEthernet2/0 90 | negotiation auto 91 | ! 92 | interface GigabitEthernet2/1 93 | negotiation auto 94 | ! 95 | interface GigabitEthernet2/2 96 | negotiation auto 97 | ! 98 | interface GigabitEthernet2/3 99 | negotiation auto 100 | ! 101 | interface GigabitEthernet3/0 102 | negotiation auto 103 | ! 104 | interface GigabitEthernet3/1 105 | negotiation auto 106 | ! 107 | interface GigabitEthernet3/2 108 | negotiation auto 109 | ! 110 | interface GigabitEthernet3/3 111 | no switchport 112 | vrf forwarding Mgmt-intf 113 | ip address dhcp 114 | negotiation auto 115 | ! 116 | ip forward-protocol nd 117 | ! 118 | ip http server 119 | ip http secure-server 120 | ! 121 | ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr 122 | ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr 123 | ! 124 | ! 125 | ! 126 | ! 127 | ! 128 | ! 129 | control-plane 130 | ! 131 | banner exec ^C 132 | ************************************************************************** 133 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 134 | * education. IOSv is provided as-is and is not supported by Cisco's * 135 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 136 | * of the IOSv Software or Documentation to any third party for any * 137 | * purposes is expressly prohibited except as otherwise authorized by * 138 | * Cisco in writing. * 139 | **************************************************************************^C 140 | banner incoming ^C 141 | ************************************************************************** 142 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 143 | * education. IOSv is provided as-is and is not supported by Cisco's * 144 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 145 | * of the IOSv Software or Documentation to any third party for any * 146 | * purposes is expressly prohibited except as otherwise authorized by * 147 | * Cisco in writing. * 148 | **************************************************************************^C 149 | banner login ^C 150 | ************************************************************************** 151 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 152 | * education. IOSv is provided as-is and is not supported by Cisco's * 153 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 154 | * of the IOSv Software or Documentation to any third party for any * 155 | * purposes is expressly prohibited except as otherwise authorized by * 156 | * Cisco in writing. * 157 | **************************************************************************^C 158 | banner motd ^CWelcome to site1-sw1!^C 159 | ! 160 | line con 0 161 | line aux 0 162 | line vty 0 4 163 | login local 164 | transport input ssh 165 | ! 166 | ! 167 | end -------------------------------------------------------------------------------- /mdd-data/org/region2/oc-ntp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-system:system: 5 | openconfig-system:clock: 6 | openconfig-system:config: 7 | openconfig-system:timezone-name: 'EST -5 0' 8 | -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-rtr1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: Loopback0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: Loopback0 10 | openconfig-interfaces:type: softwareLoopback 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:addresses: 18 | openconfig-if-ip:address: 19 | - openconfig-if-ip:ip: 192.168.255.2 20 | openconfig-if-ip:config: 21 | openconfig-if-ip:ip: 192.168.255.2 22 | openconfig-if-ip:prefix-length: 32 23 | - openconfig-interfaces:name: Loopback100 24 | openconfig-interfaces:config: 25 | openconfig-interfaces:enabled: true 26 | openconfig-interfaces:name: Loopback100 27 | openconfig-interfaces:type: softwareLoopback 28 | openconfig-interfaces:subinterfaces: 29 | openconfig-interfaces:subinterface: 30 | - openconfig-interfaces:index: 0 31 | openconfig-interfaces:config: 32 | openconfig-interfaces:index: 0 33 | openconfig-if-ip:ipv4: 34 | openconfig-if-ip:addresses: 35 | openconfig-if-ip:address: 36 | - openconfig-if-ip:ip: 10.255.255.14 37 | openconfig-if-ip:config: 38 | openconfig-if-ip:ip: 10.255.255.14 39 | openconfig-if-ip:prefix-length: 32 40 | - openconfig-interfaces:name: GigabitEthernet1 41 | openconfig-interfaces:config: 42 | openconfig-interfaces:enabled: true 43 | openconfig-interfaces:name: GigabitEthernet1 44 | openconfig-interfaces:type: ethernetCsmacd 45 | openconfig-interfaces:subinterfaces: 46 | openconfig-interfaces:subinterface: 47 | - openconfig-interfaces:index: 0 48 | openconfig-interfaces:config: 49 | openconfig-interfaces:index: 0 50 | openconfig-if-ip:ipv4: 51 | openconfig-if-ip:config: 52 | openconfig-if-ip:dhcp-client: true 53 | - openconfig-interfaces:name: GigabitEthernet2 54 | openconfig-interfaces:config: 55 | openconfig-interfaces:enabled: true 56 | openconfig-interfaces:name: GigabitEthernet2 57 | openconfig-interfaces:type: ethernetCsmacd 58 | openconfig-interfaces:subinterfaces: 59 | openconfig-interfaces:subinterface: 60 | - openconfig-interfaces:index: 0 61 | openconfig-interfaces:config: 62 | openconfig-interfaces:index: 0 63 | openconfig-if-ip:ipv4: 64 | openconfig-if-ip:addresses: 65 | openconfig-if-ip:address: 66 | - openconfig-if-ip:ip: 10.0.0.14 67 | openconfig-if-ip:config: 68 | openconfig-if-ip:ip: 10.0.0.14 69 | openconfig-if-ip:prefix-length: 30 70 | - openconfig-interfaces:name: GigabitEthernet3 71 | openconfig-interfaces:config: 72 | openconfig-interfaces:enabled: true 73 | openconfig-interfaces:name: GigabitEthernet3 74 | openconfig-interfaces:type: ethernetCsmacd 75 | openconfig-interfaces:subinterfaces: 76 | openconfig-interfaces:subinterface: 77 | - openconfig-interfaces:index: 10 78 | openconfig-interfaces:config: 79 | openconfig-interfaces:description: VLAN10 80 | openconfig-interfaces:enabled: true 81 | openconfig-interfaces:index: 10 82 | openconfig-if-ip:ipv4: 83 | openconfig-if-ip:addresses: 84 | openconfig-if-ip:address: 85 | - openconfig-if-ip:ip: 192.168.2.1 86 | openconfig-if-ip:config: 87 | openconfig-if-ip:ip: 192.168.2.1 88 | openconfig-if-ip:prefix-length: 24 89 | openconfig-vlan:vlan: 90 | openconfig-vlan:config: 91 | openconfig-vlan:vlan-id: 10 92 | - openconfig-interfaces:name: GigabitEthernet4 93 | openconfig-interfaces:config: 94 | openconfig-interfaces:enabled: false 95 | openconfig-interfaces:name: GigabitEthernet4 96 | openconfig-interfaces:type: ethernetCsmacd 97 | - openconfig-interfaces:name: GigabitEthernet5 98 | openconfig-interfaces:config: 99 | openconfig-interfaces:enabled: false 100 | openconfig-interfaces:name: GigabitEthernet5 101 | openconfig-interfaces:type: ethernetCsmacd 102 | - openconfig-interfaces:name: GigabitEthernet6 103 | openconfig-interfaces:config: 104 | openconfig-interfaces:enabled: false 105 | openconfig-interfaces:name: GigabitEthernet6 106 | openconfig-interfaces:type: ethernetCsmacd 107 | - openconfig-interfaces:name: GigabitEthernet7 108 | openconfig-interfaces:config: 109 | openconfig-interfaces:enabled: false 110 | openconfig-interfaces:name: GigabitEthernet7 111 | openconfig-interfaces:type: ethernetCsmacd 112 | - openconfig-interfaces:name: GigabitEthernet8 113 | openconfig-interfaces:config: 114 | openconfig-interfaces:enabled: false 115 | openconfig-interfaces:name: GigabitEthernet8 116 | openconfig-interfaces:type: ethernetCsmacd 117 | mdd_tags: 118 | - all 119 | -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-rtr1/oc-routing.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-network-instance:network-instances: 5 | openconfig-network-instance:network-instance: 6 | - openconfig-network-instance:name: default 7 | openconfig-network-instance:mpls: 8 | openconfig-network-instance:signaling-protocols: 9 | openconfig-network-instance:ldp: 10 | openconfig-network-instance:global: 11 | openconfig-network-instance:config: 12 | openconfig-network-instance:lsr-id: 10.255.255.14 13 | openconfig-network-instance:protocols: 14 | openconfig-network-instance:protocol: 15 | - openconfig-network-instance:identifier: BGP 16 | openconfig-network-instance:name: BGP 17 | openconfig-network-instance:bgp: 18 | openconfig-network-instance:global: 19 | openconfig-network-instance:config: 20 | openconfig-network-instance:router-id: 10.255.255.14 21 | -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-rtr1/site2-rtr1.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 4764 bytes 4 | ! 5 | ! Last configuration change at 16:46:43 UTC Mon Dec 13 2021 6 | ! 7 | version 17.6 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | ! Call-home is enabled by Smart-Licensing. 11 | service call-home 12 | platform qfp utilization monitor load 80 13 | platform punt-keepalive disable-kernel-core 14 | platform console serial 15 | ! 16 | hostname site2-rtr1 17 | ! 18 | boot-start-marker 19 | boot-end-marker 20 | ! 21 | ! 22 | vrf definition Mgmt-intf 23 | ! 24 | address-family ipv4 25 | exit-address-family 26 | ! 27 | address-family ipv6 28 | exit-address-family 29 | ! 30 | no logging console 31 | ! 32 | no aaa new-model 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ! 39 | ! 40 | ip domain name cml.local 41 | ! 42 | ! 43 | ! 44 | login on-success log 45 | ! 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | subscriber templating 53 | ! 54 | multilink bundle-name authenticated 55 | ! 56 | ! 57 | ! 58 | crypto pki trustpoint SLA-TrustPoint 59 | enrollment pkcs12 60 | revocation-check crl 61 | ! 62 | ! 63 | crypto pki certificate chain SLA-TrustPoint 64 | certificate ca 01 65 | 30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 66 | 32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 67 | 6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 68 | 3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 69 | 43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 70 | 526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 71 | 82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D 72 | CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 73 | 1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE 74 | 4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC 75 | 7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 76 | 68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 77 | C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 78 | C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 79 | DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 80 | 06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 81 | 4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 82 | 03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 83 | 604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B 84 | D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 85 | 467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C 86 | 7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B 87 | 5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 88 | 80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB 89 | 418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 90 | D697DF7F 28 91 | quit 92 | ! 93 | license udi pid C8000V sn 9GDHIEJT1A1 94 | diagnostic bootup level minimal 95 | memory free low-watermark processor 68484 96 | ! 97 | ! 98 | username admin privilege 15 secret 9 $9$gSimhsDaAplx/k$GCy.eGBi049RyXZ6iJwzFSSx8KwgY.B/b2zTC2wn7mU 99 | ! 100 | redundancy 101 | ! 102 | ! 103 | ! 104 | ! 105 | ! 106 | ! 107 | ! 108 | ! 109 | ! 110 | interface Loopback0 111 | ip address 192.168.255.2 255.255.255.255 112 | ! 113 | interface GigabitEthernet1 114 | ip address 10.0.0.14 255.255.255.252 115 | negotiation auto 116 | ! 117 | interface GigabitEthernet2 118 | ip address 192.168.2.1 255.255.255.0 119 | negotiation auto 120 | ! 121 | interface GigabitEthernet3 122 | no ip address 123 | negotiation auto 124 | ! 125 | interface GigabitEthernet4 126 | no ip address 127 | shutdown 128 | negotiation auto 129 | ! 130 | interface GigabitEthernet5 131 | no ip address 132 | shutdown 133 | negotiation auto 134 | ! 135 | interface GigabitEthernet6 136 | no ip address 137 | shutdown 138 | negotiation auto 139 | ! 140 | interface GigabitEthernet7 141 | no ip address 142 | shutdown 143 | negotiation auto 144 | ! 145 | interface GigabitEthernet8 146 | vrf forwarding Mgmt-intf 147 | ip address dhcp 148 | negotiation auto 149 | ! 150 | router ospf 65102 151 | router-id 192.168.2.1 152 | network 192.168.2.0 0.0.0.255 area 0 153 | network 192.168.255.2 0.0.0.0 area 0 154 | default-information originate 155 | ! 156 | router bgp 65102 157 | bgp router-id 192.168.255.2 158 | bgp log-neighbor-changes 159 | neighbor 10.0.0.13 remote-as 65000 160 | ! 161 | address-family ipv4 162 | network 192.168.2.0 163 | network 192.168.255.2 mask 255.255.255.255 164 | neighbor 10.0.0.13 activate 165 | neighbor 10.0.0.13 next-hop-self 166 | exit-address-family 167 | ! 168 | ip forward-protocol nd 169 | no ip http server 170 | ip http secure-server 171 | ! 172 | ip route 192.168.2.0 255.255.255.0 Null0 173 | ! 174 | ! 175 | ! 176 | ! 177 | ! 178 | control-plane 179 | ! 180 | banner motd ^CWelcome to site2-rtr1!^C 181 | ! 182 | line con 0 183 | exec-timeout 0 0 184 | stopbits 1 185 | line aux 0 186 | line vty 0 4 187 | login local 188 | transport input ssh 189 | ! 190 | call-home 191 | ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com 192 | ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications. 193 | contact-email-addr sch-smart-licensing@cisco.com 194 | profile "CiscoTAC-1" 195 | active 196 | destination transport-method http 197 | ntp server 192.5.41.40 198 | ntp server 192.5.41.41 199 | ! 200 | ! 201 | ! 202 | ! 203 | ! 204 | ! 205 | end -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-sw1/oc-interfaces.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_data: 3 | mdd:openconfig: 4 | openconfig-interfaces:interfaces: 5 | openconfig-interfaces:interface: 6 | - openconfig-interfaces:name: GigabitEthernet0/0 7 | openconfig-interfaces:config: 8 | openconfig-interfaces:enabled: true 9 | openconfig-interfaces:name: GigabitEthernet0/0 10 | openconfig-interfaces:type: l2vlan 11 | openconfig-interfaces:subinterfaces: 12 | openconfig-interfaces:subinterface: 13 | - openconfig-interfaces:index: 0 14 | openconfig-interfaces:config: 15 | openconfig-interfaces:index: 0 16 | openconfig-if-ip:ipv4: 17 | openconfig-if-ip:config: 18 | openconfig-if-ip:dhcp-client: true 19 | - openconfig-interfaces:name: GigabitEthernet0/1 20 | openconfig-interfaces:config: 21 | openconfig-interfaces:enabled: true 22 | openconfig-interfaces:name: GigabitEthernet0/1 23 | openconfig-interfaces:type: l2vlan 24 | openconfig-if-ethernet:ethernet: 25 | openconfig-vlan:switched-vlan: 26 | openconfig-vlan:config: 27 | openconfig-vlan:interface-mode: TRUNK 28 | openconfig-vlan:native-vlan: 1 29 | openconfig-vlan:trunk-vlans: 30 | - 10 31 | - openconfig-interfaces:name: GigabitEthernet0/2 32 | openconfig-interfaces:config: 33 | openconfig-interfaces:enabled: true 34 | openconfig-interfaces:name: GigabitEthernet0/2 35 | openconfig-interfaces:type: l2vlan 36 | openconfig-if-ethernet:ethernet: 37 | openconfig-vlan:switched-vlan: 38 | openconfig-vlan:config: 39 | openconfig-vlan:access-vlan: 10 40 | openconfig-vlan:interface-mode: ACCESS 41 | - openconfig-interfaces:name: GigabitEthernet0/3 42 | openconfig-interfaces:config: 43 | openconfig-interfaces:enabled: true 44 | openconfig-interfaces:name: GigabitEthernet0/3 45 | openconfig-interfaces:type: ethernetCsmacd 46 | - openconfig-interfaces:name: GigabitEthernet1/0 47 | openconfig-interfaces:config: 48 | openconfig-interfaces:enabled: true 49 | openconfig-interfaces:name: GigabitEthernet1/0 50 | openconfig-interfaces:type: ethernetCsmacd 51 | - openconfig-interfaces:name: GigabitEthernet1/1 52 | openconfig-interfaces:config: 53 | openconfig-interfaces:enabled: true 54 | openconfig-interfaces:name: GigabitEthernet1/1 55 | openconfig-interfaces:type: ethernetCsmacd 56 | - openconfig-interfaces:name: GigabitEthernet1/2 57 | openconfig-interfaces:config: 58 | openconfig-interfaces:enabled: true 59 | openconfig-interfaces:name: GigabitEthernet1/2 60 | openconfig-interfaces:type: ethernetCsmacd 61 | - openconfig-interfaces:name: GigabitEthernet1/3 62 | openconfig-interfaces:config: 63 | openconfig-interfaces:enabled: true 64 | openconfig-interfaces:name: GigabitEthernet1/3 65 | openconfig-interfaces:type: ethernetCsmacd 66 | - openconfig-interfaces:name: GigabitEthernet2/0 67 | openconfig-interfaces:config: 68 | openconfig-interfaces:enabled: true 69 | openconfig-interfaces:name: GigabitEthernet2/0 70 | openconfig-interfaces:type: ethernetCsmacd 71 | - openconfig-interfaces:name: GigabitEthernet2/1 72 | openconfig-interfaces:config: 73 | openconfig-interfaces:enabled: true 74 | openconfig-interfaces:name: GigabitEthernet2/1 75 | openconfig-interfaces:type: ethernetCsmacd 76 | - openconfig-interfaces:name: GigabitEthernet2/2 77 | openconfig-interfaces:config: 78 | openconfig-interfaces:enabled: true 79 | openconfig-interfaces:name: GigabitEthernet2/2 80 | openconfig-interfaces:type: ethernetCsmacd 81 | - openconfig-interfaces:name: GigabitEthernet2/3 82 | openconfig-interfaces:config: 83 | openconfig-interfaces:enabled: true 84 | openconfig-interfaces:name: GigabitEthernet2/3 85 | openconfig-interfaces:type: ethernetCsmacd 86 | - openconfig-interfaces:name: GigabitEthernet3/0 87 | openconfig-interfaces:config: 88 | openconfig-interfaces:enabled: true 89 | openconfig-interfaces:name: GigabitEthernet3/0 90 | openconfig-interfaces:type: ethernetCsmacd 91 | - openconfig-interfaces:name: GigabitEthernet3/1 92 | openconfig-interfaces:config: 93 | openconfig-interfaces:enabled: true 94 | openconfig-interfaces:name: GigabitEthernet3/1 95 | openconfig-interfaces:type: ethernetCsmacd 96 | - openconfig-interfaces:name: GigabitEthernet3/2 97 | openconfig-interfaces:config: 98 | openconfig-interfaces:enabled: true 99 | openconfig-interfaces:name: GigabitEthernet3/2 100 | openconfig-interfaces:type: ethernetCsmacd 101 | - openconfig-interfaces:name: GigabitEthernet3/3 102 | openconfig-interfaces:config: 103 | openconfig-interfaces:enabled: true 104 | openconfig-interfaces:name: GigabitEthernet3/3 105 | openconfig-interfaces:type: ethernetCsmacd 106 | openconfig-network-instance:network-instances: 107 | openconfig-network-instance:network-instance: 108 | - openconfig-network-instance:name: Mgmt-intf 109 | openconfig-network-instance:config: 110 | openconfig-network-instance:name: Mgmt-intf 111 | openconfig-network-instance:type: L3VRF 112 | openconfig-network-instance:enabled: true 113 | openconfig-network-instance:enabled-address-families: 114 | - IPV4 115 | - IPV6 116 | openconfig-network-instance:interfaces: 117 | openconfig-network-instance:interface: 118 | - openconfig-network-instance:id: GigabitEthernet0/0 119 | openconfig-network-instance:config: 120 | openconfig-network-instance:id: GigabitEthernet0/0 121 | openconfig-network-instance:interface: GigabitEthernet0/0 122 | openconfig-network-instance:subinterface: 0 123 | mdd_tags: 124 | - all 125 | -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-sw1/oc-stp.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - switch 4 | mdd_data: 5 | mdd:openconfig: 6 | openconfig-spanning-tree:stp: 7 | openconfig-spanning-tree:global: 8 | openconfig-spanning-tree:config: 9 | openconfig-spanning-tree:enabled-protocol: 10 | - RAPID_PVST 11 | openconfig-spanning-tree:interfaces: 12 | openconfig-spanning-tree:interface: 13 | - openconfig-spanning-tree:name: 'GigabitEthernet0/1' 14 | openconfig-spanning-tree:config: 15 | openconfig-spanning-tree:name: 'GigabitEthernet0/1' 16 | openconfig-spanning-tree:guard: ROOT 17 | openconfig-spanning-tree:link-type: P2P 18 | openconfig-spanning-tree:edge-port: EDGE_ENABLE 19 | - openconfig-spanning-tree:name: 'GigabitEthernet0/2' 20 | openconfig-spanning-tree:config: 21 | openconfig-spanning-tree:name: 'GigabitEthernet0/2' 22 | openconfig-spanning-tree:guard: ROOT 23 | openconfig-spanning-tree:link-type: P2P 24 | openconfig-spanning-tree:edge-port: EDGE_AUTO 25 | - openconfig-spanning-tree:name: 'GigabitEthernet0/3' 26 | openconfig-spanning-tree:config: 27 | openconfig-spanning-tree:name: 'GigabitEthernet0/3' 28 | openconfig-spanning-tree:guard: ROOT 29 | openconfig-spanning-tree:link-type: P2P 30 | openconfig-spanning-tree:edge-port: EDGE_AUTO 31 | - openconfig-spanning-tree:name: 'GigabitEthernet1/0' 32 | openconfig-spanning-tree:config: 33 | openconfig-spanning-tree:name: 'GigabitEthernet1/0' 34 | openconfig-spanning-tree:guard: ROOT 35 | openconfig-spanning-tree:link-type: P2P 36 | openconfig-spanning-tree:edge-port: EDGE_AUTO 37 | - openconfig-spanning-tree:name: 'GigabitEthernet1/1' 38 | openconfig-spanning-tree:config: 39 | openconfig-spanning-tree:name: 'GigabitEthernet1/1' 40 | openconfig-spanning-tree:guard: ROOT 41 | openconfig-spanning-tree:link-type: P2P 42 | openconfig-spanning-tree:edge-port: EDGE_AUTO 43 | - openconfig-spanning-tree:name: 'GigabitEthernet1/2' 44 | openconfig-spanning-tree:config: 45 | openconfig-spanning-tree:name: 'GigabitEthernet1/2' 46 | openconfig-spanning-tree:guard: ROOT 47 | openconfig-spanning-tree:link-type: P2P 48 | openconfig-spanning-tree:edge-port: EDGE_AUTO 49 | - openconfig-spanning-tree:name: 'GigabitEthernet1/3' 50 | openconfig-spanning-tree:config: 51 | openconfig-spanning-tree:name: 'GigabitEthernet1/3' 52 | openconfig-spanning-tree:guard: ROOT 53 | openconfig-spanning-tree:link-type: P2P 54 | openconfig-spanning-tree:edge-port: EDGE_AUTO 55 | - openconfig-spanning-tree:name: 'GigabitEthernet2/0' 56 | openconfig-spanning-tree:config: 57 | openconfig-spanning-tree:name: 'GigabitEthernet2/0' 58 | openconfig-spanning-tree:guard: ROOT 59 | openconfig-spanning-tree:link-type: P2P 60 | openconfig-spanning-tree:edge-port: EDGE_AUTO 61 | - openconfig-spanning-tree:name: 'GigabitEthernet2/1' 62 | openconfig-spanning-tree:config: 63 | openconfig-spanning-tree:name: 'GigabitEthernet2/1' 64 | openconfig-spanning-tree:guard: ROOT 65 | openconfig-spanning-tree:link-type: P2P 66 | openconfig-spanning-tree:edge-port: EDGE_AUTO 67 | - openconfig-spanning-tree:name: 'GigabitEthernet2/2' 68 | openconfig-spanning-tree:config: 69 | openconfig-spanning-tree:name: 'GigabitEthernet2/2' 70 | openconfig-spanning-tree:guard: ROOT 71 | openconfig-spanning-tree:link-type: P2P 72 | openconfig-spanning-tree:edge-port: EDGE_AUTO 73 | - openconfig-spanning-tree:name: 'GigabitEthernet2/3' 74 | openconfig-spanning-tree:config: 75 | openconfig-spanning-tree:name: 'GigabitEthernet2/3' 76 | openconfig-spanning-tree:guard: ROOT 77 | openconfig-spanning-tree:link-type: P2P 78 | openconfig-spanning-tree:edge-port: EDGE_AUTO 79 | - openconfig-spanning-tree:name: 'GigabitEthernet3/0' 80 | openconfig-spanning-tree:config: 81 | openconfig-spanning-tree:name: 'GigabitEthernet3/0' 82 | openconfig-spanning-tree:guard: ROOT 83 | openconfig-spanning-tree:link-type: P2P 84 | openconfig-spanning-tree:edge-port: EDGE_AUTO 85 | - openconfig-spanning-tree:name: 'GigabitEthernet3/1' 86 | openconfig-spanning-tree:config: 87 | openconfig-spanning-tree:name: 'GigabitEthernet3/1' 88 | openconfig-spanning-tree:guard: ROOT 89 | openconfig-spanning-tree:link-type: P2P 90 | openconfig-spanning-tree:edge-port: EDGE_AUTO 91 | - openconfig-spanning-tree:name: 'GigabitEthernet3/2' 92 | openconfig-spanning-tree:config: 93 | openconfig-spanning-tree:name: 'GigabitEthernet3/2' 94 | openconfig-spanning-tree:guard: ROOT 95 | openconfig-spanning-tree:link-type: P2P 96 | openconfig-spanning-tree:edge-port: EDGE_AUTO 97 | - openconfig-spanning-tree:name: 'GigabitEthernet3/3' 98 | openconfig-spanning-tree:config: 99 | openconfig-spanning-tree:name: 'GigabitEthernet3/3' 100 | openconfig-spanning-tree:guard: ROOT 101 | openconfig-spanning-tree:link-type: P2P 102 | openconfig-spanning-tree:edge-port: EDGE_AUTO 103 | -------------------------------------------------------------------------------- /mdd-data/org/region2/site2/site2-sw1/site2-sw1.cfg: -------------------------------------------------------------------------------- 1 | Building configuration... 2 | 3 | Current configuration : 3763 bytes 4 | ! 5 | ! Last configuration change at 17:42:47 UTC Sat Dec 11 2021 6 | ! 7 | version 15.2 8 | service timestamps debug datetime msec 9 | service timestamps log datetime msec 10 | no service password-encryption 11 | service compress-config 12 | ! 13 | hostname site2-sw1 14 | ! 15 | boot-start-marker 16 | boot-end-marker 17 | ! 18 | ! 19 | vrf definition Mgmt-intf 20 | ! 21 | address-family ipv4 22 | exit-address-family 23 | ! 24 | address-family ipv6 25 | exit-address-family 26 | ! 27 | ! 28 | username admin privilege 15 secret 5 $1$b.NJ$OasedCicDlCK5m9vAPDSH. 29 | no aaa new-model 30 | ! 31 | ! 32 | ! 33 | ! 34 | ! 35 | ! 36 | ! 37 | ! 38 | ip domain-name cml.local 39 | ip cef 40 | no ipv6 cef 41 | ! 42 | ! 43 | ! 44 | spanning-tree mode pvst 45 | spanning-tree extend system-id 46 | ! 47 | ! 48 | ! 49 | ! 50 | ! 51 | ! 52 | ! 53 | ! 54 | ! 55 | ! 56 | ! 57 | ! 58 | ! 59 | ! 60 | ! 61 | interface GigabitEthernet0/0 62 | switchport access vlan 10 63 | switchport mode access 64 | negotiation auto 65 | ! 66 | interface GigabitEthernet0/1 67 | negotiation auto 68 | ! 69 | interface GigabitEthernet0/2 70 | negotiation auto 71 | ! 72 | interface GigabitEthernet0/3 73 | negotiation auto 74 | ! 75 | interface GigabitEthernet1/0 76 | switchport access vlan 10 77 | switchport mode access 78 | negotiation auto 79 | ! 80 | interface GigabitEthernet1/1 81 | negotiation auto 82 | ! 83 | interface GigabitEthernet1/2 84 | negotiation auto 85 | ! 86 | interface GigabitEthernet1/3 87 | negotiation auto 88 | ! 89 | interface GigabitEthernet2/0 90 | negotiation auto 91 | ! 92 | interface GigabitEthernet2/1 93 | negotiation auto 94 | ! 95 | interface GigabitEthernet2/2 96 | negotiation auto 97 | ! 98 | interface GigabitEthernet2/3 99 | negotiation auto 100 | ! 101 | interface GigabitEthernet3/0 102 | negotiation auto 103 | ! 104 | interface GigabitEthernet3/1 105 | negotiation auto 106 | ! 107 | interface GigabitEthernet3/2 108 | negotiation auto 109 | ! 110 | interface GigabitEthernet3/3 111 | no switchport 112 | vrf forwarding Mgmt-intf 113 | ip address dhcp 114 | negotiation auto 115 | ! 116 | ip forward-protocol nd 117 | ! 118 | ip http server 119 | ip http secure-server 120 | ! 121 | ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr 122 | ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr 123 | ! 124 | ! 125 | ! 126 | ! 127 | ! 128 | ! 129 | control-plane 130 | ! 131 | banner exec ^C 132 | ************************************************************************** 133 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 134 | * education. IOSv is provided as-is and is not supported by Cisco's * 135 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 136 | * of the IOSv Software or Documentation to any third party for any * 137 | * purposes is expressly prohibited except as otherwise authorized by * 138 | * Cisco in writing. * 139 | **************************************************************************^C 140 | banner incoming ^C 141 | ************************************************************************** 142 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 143 | * education. IOSv is provided as-is and is not supported by Cisco's * 144 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 145 | * of the IOSv Software or Documentation to any third party for any * 146 | * purposes is expressly prohibited except as otherwise authorized by * 147 | * Cisco in writing. * 148 | **************************************************************************^C 149 | banner login ^C 150 | ************************************************************************** 151 | * IOSv is strictly limited to use for evaluation, demonstration and IOS * 152 | * education. IOSv is provided as-is and is not supported by Cisco's * 153 | * Technical Advisory Center. Any use or disclosure, in whole or in part, * 154 | * of the IOSv Software or Documentation to any third party for any * 155 | * purposes is expressly prohibited except as otherwise authorized by * 156 | * Cisco in writing. * 157 | **************************************************************************^C 158 | banner motd ^CWelcome to site2-sw1!^C 159 | ! 160 | line con 0 161 | line aux 0 162 | line vty 0 4 163 | login local 164 | transport input ssh 165 | ! 166 | ! 167 | end -------------------------------------------------------------------------------- /mdd-data/org/validate-local.yml: -------------------------------------------------------------------------------- 1 | --- 2 | mdd_tags: 3 | - all 4 | mdd_schemas: 5 | - name: banner 6 | file: 'local/banner.schema.yml' 7 | - name: dns 8 | file: 'local/dns.schema.yml.j2' 9 | validate_vars: 10 | dns_servers: 11 | - 208.67.222.222 12 | - 208.67.220.220 13 | -------------------------------------------------------------------------------- /play.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | IMAGE=ghcr.io/model-driven-devops/ansible-mdd/mdd:1.2.10 4 | 5 | OPTIONS="--env ANSIBLE_PYTHON_INTERPRETER=/usr/bin/python3" 6 | if [[ ! -z "$ANSIBLE_VAULT_PASSWORD_FILE" ]]; then 7 | OPTIONS="--env ANSIBLE_VAULT_PASSWORD_FILE=/tmp/vault.pw -v $ANSIBLE_VAULT_PASSWORD_FILE:/tmp/vault.pw" 8 | fi 9 | 10 | OPTION_LIST=( \ 11 | "CML_HOST" \ 12 | "CML_USERNAME" \ 13 | "CML_PASSWORD" \ 14 | "CML_LAB" \ 15 | "CML_VERIFY_CERT" \ 16 | "ANSIBLE_INVENTORY" \ 17 | "NSO_URL" \ 18 | "NSO_USERNAME" \ 19 | "NSO_PASSWORD" \ 20 | ) 21 | 22 | for OPTION in ${OPTION_LIST[*]}; do 23 | if [[ ! -z "${!OPTION}" ]]; then 24 | OPTIONS="$OPTIONS --env $OPTION=${!OPTION}" 25 | fi 26 | done 27 | 28 | while getopts ":sl" opt; do 29 | case $opt in 30 | s) 31 | docker run -it --rm -v $PWD:/ansible --env PWD="/ansible" --env USER="$USER" $OPTIONS $IMAGE /bin/bash 32 | exit 33 | ;; 34 | l) 35 | docker run -it --rm -v $PWD:/ansible --env PWD="/ansible" --env USER="$USER" $OPTIONS $IMAGE ansible-lint 36 | exit 37 | ;; 38 | esac 39 | done 40 | 41 | docker run -it --rm -v $PWD:/ansible --env PWD="/ansible" --env USER="$USER" $OPTIONS $IMAGE ansible-playbook "$@" 42 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | ansible==8.4.0 2 | virl2_client==2.6.0 3 | netaddr 4 | pynetbox 5 | jsonschema 6 | ipaddress 7 | paramiko 8 | genie 9 | pyats 10 | jmespath 11 | passlib 12 | botocore 13 | boto3 14 | nso-oc==2.79.3 15 | networkx 16 | scipy 17 | -------------------------------------------------------------------------------- /requirements.yml: -------------------------------------------------------------------------------- 1 | collections: 2 | - name: https://github.com/ciscodevnet/ansible-cml.git 3 | type: git 4 | - name: https://github.com/model-driven-devops/ansible-mdd.git,1.2.10 5 | type: git 6 | - name: https://github.com/model-driven-devops/ansible-nso.git 7 | type: git 8 | - name: amazon.aws 9 | source: https://galaxy.ansible.com 10 | -------------------------------------------------------------------------------- /schemas/README.md: -------------------------------------------------------------------------------- 1 | # schemas 2 | schemas 3 | -------------------------------------------------------------------------------- /schemas/local/banner.schema.yml: -------------------------------------------------------------------------------- 1 | title: Network banner schema 2 | type: object 3 | required: 4 | - openconfig-system:system 5 | properties: 6 | openconfig-system:system: 7 | type: object 8 | required: 9 | - openconfig-system:config 10 | properties: 11 | openconfig-system:config: 12 | type: object 13 | required: 14 | - openconfig-system:login-banner 15 | properties: 16 | openconfig-system:login-banner: 17 | type: string 18 | description: Login banner 19 | pattern: prohibited 20 | -------------------------------------------------------------------------------- /schemas/local/dns.schema.yml.j2: -------------------------------------------------------------------------------- 1 | title: OpenConfig system schema (DNS) 2 | type: object 3 | required: 4 | - openconfig-system:system 5 | properties: 6 | openconfig-system:system: 7 | description: top level object 8 | type: object 9 | required: 10 | - openconfig-system:dns 11 | properties: 12 | openconfig-system:dns: 13 | description: DNS settings 14 | type: object 15 | required: 16 | - openconfig-system:servers 17 | properties: 18 | openconfig-system:servers: 19 | description: DNS servers 20 | type: object 21 | required: 22 | - openconfig-system:server 23 | properties: 24 | openconfig-system:server: 25 | description: a dns server 26 | type: array 27 | items: 28 | type: object 29 | properties: 30 | openconfig-system:address: 31 | description: Server address 32 | type: string 33 | format: ipv4 34 | openconfig-system:config: 35 | description: configuration 36 | type: object 37 | properties: 38 | openconfig-system:address: 39 | description: DNS server address 40 | type: string 41 | format: ipv4 42 | enum: {{ validate_vars.dns_servers }} 43 | -------------------------------------------------------------------------------- /schemas/pyats/bgp-neighbor-state.yml: -------------------------------------------------------------------------------- 1 | # 2 | # Check to make sure that any enabled neighbors are established 3 | # 4 | title: BGP Neighbor Check 5 | type: object 6 | required: 7 | - vrf 8 | properties: 9 | vrf: 10 | type: object 11 | required: 12 | - default 13 | properties: 14 | default: 15 | type: object 16 | required: 17 | - neighbor 18 | properties: 19 | neighbor: 20 | type: object 21 | additionalProperties: 22 | type: object 23 | required: 24 | - session_state 25 | - shutdown 26 | if: 27 | properties: 28 | shutdown: 29 | type: boolean 30 | const: false 31 | then: 32 | properties: 33 | session_state: 34 | type: string 35 | const: Established -------------------------------------------------------------------------------- /schemas/pyats/show_ip_route.yml.j2: -------------------------------------------------------------------------------- 1 | type: object 2 | required: 3 | - vrf 4 | properties: 5 | vrf: 6 | type: object 7 | required: 8 | - {{ check_vars.vrf }} 9 | properties: 10 | {{ check_vars.vrf }}: 11 | type: object 12 | required: 13 | - address_family 14 | properties: 15 | address_family: 16 | type: object 17 | required: 18 | - ipv4 19 | properties: 20 | ipv4: 21 | type: object 22 | required: 23 | - routes 24 | properties: 25 | routes: 26 | type: object 27 | required: 28 | {% for route in check_vars.routes %} 29 | - {{ route.route }} 30 | {% endfor %} 31 | properties: 32 | {% for route in check_vars.routes %} 33 | {{ route.route }}: 34 | type: object 35 | required: 36 | - route 37 | {% if route.active is defined and route.active %} 38 | - active 39 | {% endif %} 40 | {% if route.metric is defined and route.metric %} 41 | - metric 42 | {% endif %} 43 | {% if route.next_hop is defined and route.next_hop %} 44 | - next_hop 45 | {% endif %} 46 | {% if route.source_protocol is defined and route.source_protocol %} 47 | - source_protocol 48 | {% endif %} 49 | {% if route.next_hop is defined and route.next_hop %} 50 | - next_hop 51 | {% endif %} 52 | properties: 53 | route: 54 | type: string 55 | const: {{ route.route }} 56 | {% if route.active is defined and route.active %} 57 | active: 58 | type: boolean 59 | const: {{ route.active }} 60 | {% endif %} 61 | {% if route.metric is defined and route.metric %} 62 | metric: 63 | type: integer 64 | const: {{ route.metric }} 65 | {% endif %} 66 | {% if route.next_hop is defined and route.next_hop %} 67 | next_hop: 68 | {% if route.next_hop.next_hop_list is defined and route.next_hop.next_hop_list %} 69 | type: object 70 | required: 71 | - next_hop_list 72 | properties: 73 | next_hop_list: 74 | type: object 75 | required: 76 | {% for next_hop in route.next_hop.next_hop_list %} 77 | - "{{ next_hop.index }}" 78 | {% endfor %} 79 | properties: 80 | {% for next_hop in route.next_hop.next_hop_list %} 81 | "{{ next_hop.index }}": 82 | type: object 83 | required: 84 | - index 85 | - next_hop 86 | {% if next_hop.outgoing_interface is defined and next_hop.outgoing_interface %} 87 | - outgoing_interface 88 | {% endif %} 89 | properties: 90 | index: 91 | type: integer 92 | const: {{ next_hop.index }} 93 | next_hop: 94 | type: string 95 | const: {{ next_hop.next_hop }} 96 | {% if next_hop.outgoing_interface is defined and next_hop.outgoing_interface %} 97 | outgoing_interface: 98 | type: string 99 | const: {{ next_hop.outgoing_interface }} 100 | {% endif %} 101 | {% endfor %} 102 | {% endif %} 103 | {% if route.next_hop.outgoing_interface is defined and route.next_hop.outgoing_interface %} 104 | type: object 105 | required: 106 | - outgoing_interface 107 | properties: 108 | outgoing_interface: 109 | type: object 110 | required: 111 | - {{ route.next_hop.outgoing_interface }} 112 | {% endif %} 113 | {% endif %} 114 | {% if route.source_protocol is defined and route.source_protocol %} 115 | source_protocol: 116 | type: string 117 | const: {{ route.source_protocol }} 118 | {% endif %} 119 | {% endfor %} 120 | -------------------------------------------------------------------------------- /schemas/show_ip_route.yml: -------------------------------------------------------------------------------- 1 | type: object 2 | properties: 3 | vrf: 4 | type: object 5 | properties: 6 | default: 7 | type: object 8 | properties: 9 | address_family: 10 | type: object 11 | properties: 12 | ipv4: 13 | type: object 14 | properties: 15 | routes: 16 | type: object 17 | required: 18 | - 172.16.0.0/16 19 | - 192.168.1.0/24 20 | - 192.168.2.0/24 21 | required: 22 | - routes 23 | required: 24 | - ipv4 25 | required: 26 | - address_family 27 | required: 28 | - default 29 | required: 30 | - vrf -------------------------------------------------------------------------------- /schemas/stig/CISC-ND-000010.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "nd_000010.schema", 4 | "description": "STIG ID: CISC-ND-000010", 5 | 6 | "type": "object", 7 | "required": [ 8 | "openconfig-system-ext:ip-http-max-connections" 9 | ], 10 | "properties": { 11 | "openconfig-system-ext:ip-http-max-connections": { 12 | "minimum": 2, 13 | "maximum": 2 14 | } 15 | } 16 | } 17 | 18 | -------------------------------------------------------------------------------- /schemas/stig/CISC-ND-000380.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "nd_000380.schema", 4 | "description": "STIG ID: CISC-ND-000380", 5 | 6 | "type": "object", 7 | "required": [ 8 | "openconfig-system-ext:file-privilege" 9 | ], 10 | "properties": { 11 | "openconfig-system-ext:file-privilege": { 12 | "minimum": 15, 13 | "maximum": 15 14 | } 15 | } 16 | } 17 | 18 | -------------------------------------------------------------------------------- /schemas/stig/CISC-ND-000470.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "nd_000470.schema", 4 | "description": "STIG ID: CISC-ND-000470", 5 | 6 | "type": "object", 7 | "required": [ 8 | "openconfig-system-ext:ip-boot_server", 9 | "openconfig-system-ext:ip-bootp_server", 10 | "openconfig-system-ext:ip-dns_server", 11 | "openconfig-system-ext:ip-identd", 12 | "openconfig-system-ext:ip-http_server", 13 | "openconfig-system-ext:ip_rcmd_rcp_enable", 14 | "openconfig-system-ext:ip_rcmd_rsh_enable", 15 | "openconfig-system-ext:service_config", 16 | "openconfig-system-ext:service_finger", 17 | "openconfig-system-ext:service_tcp_small_servers", 18 | "openconfig-system-ext:service_udp_small_servers" 19 | ], 20 | "properties": { 21 | "openconfig-system-ext:ip-boot_server": { 22 | "const": false 23 | }, 24 | "openconfig-system-ext:ip-bootp_server": { 25 | "const": false 26 | }, 27 | "openconfig-system-ext:ip-dns_server": { 28 | "const": false 29 | }, 30 | "openconfig-system-ext:ip-identd": { 31 | "const": false 32 | }, 33 | "openconfig-system-ext:ip-http_server": { 34 | "const": false 35 | }, 36 | "openconfig-system-ext:ip_rcmd_rcp_enable": { 37 | "const": false 38 | }, 39 | "openconfig-system-ext:ip_rcmd_rsh_enable": { 40 | "const": false 41 | }, 42 | "openconfig-system-ext:service_config": { 43 | "const": false 44 | }, 45 | "openconfig-system-ext:service_finger": { 46 | "const": false 47 | }, 48 | "openconfig-system-ext:service_tcp_small_servers": { 49 | "const": false 50 | }, 51 | "openconfig-system-ext:service_udp_small_servers": { 52 | "const": false 53 | } 54 | } 55 | 56 | } 57 | 58 | -------------------------------------------------------------------------------- /schemas/stig/CISC-ND-001030.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "nd_001030.schema", 4 | "description": "STIG ID: CISC-ND-001030", 5 | 6 | "type": "object", 7 | "required": [ 8 | "config" 9 | ], 10 | "properties": { 11 | "config": { 12 | "type": "object", 13 | "required": [ 14 | "enabled" 15 | ], 16 | "properties": { 17 | "enabled": { 18 | "const": true 19 | } 20 | } 21 | } 22 | } 23 | } 24 | 25 | -------------------------------------------------------------------------------- /schemas/stig/CISC-ND-001310.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "nd_001310.schema", 4 | "description": "STIG ID: CISC-ND-001310", 5 | 6 | "type": "object", 7 | "required": [ 8 | "config" 9 | ], 10 | "properties": { 11 | "config": { 12 | "type": "object", 13 | "required": [ 14 | "enabled" 15 | ], 16 | "properties": { 17 | "enabled": { 18 | "const": true 19 | } 20 | } 21 | } 22 | } 23 | } 24 | 25 | -------------------------------------------------------------------------------- /schemas/stig/CISC-ND_IOSXE.schema: -------------------------------------------------------------------------------- 1 | { 2 | "$id": "https://cisco.com/CISC-ND_IOSXE.json", 3 | "$schema": "https://json-schema.org/draft/2020-12/schema", 4 | "title": "CISC-ND_IOSXE", 5 | 6 | "type": "object", 7 | "required": ["openconfig-system:system"], 8 | "properties": { 9 | "openconfig-system:system": { 10 | "type": "object", 11 | "required": ["config", "ntp"], 12 | "properties": { 13 | "config": { 14 | "description": "STIG: CISC_IOSXE-ND", 15 | "$ref": "file:./CISC_IOSXE-ND.schema" 16 | }, 17 | "ntp": { 18 | "description": "STIG: CISC_IOSXE-ND", 19 | "$ref": "file:./CISC_IOSXE-ND_NTP.schema" 20 | } 21 | } 22 | } 23 | } 24 | } 25 | 26 | -------------------------------------------------------------------------------- /schemas/stig/CISC_IOSXE-ND.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "https://cisco.com/CISC_IOSXE-ND.schema", 4 | 5 | "allOf": [ 6 | { "$ref": "file:./CISC-ND-000010.schema"} 7 | ] 8 | } 9 | -------------------------------------------------------------------------------- /schemas/stig/CISC_IOSXE-ND_NTP.schema: -------------------------------------------------------------------------------- 1 | { 2 | 3 | "$id": "https://cisco.com/CISC_IOSXE-ND_NTP.schema", 4 | 5 | "allOf": [ 6 | { "$ref": "file:./CISC-ND-001030.schema"}, 7 | { "$ref": "file:./CISC-ND-001310.schema"} 8 | ] 9 | } 10 | --------------------------------------------------------------------------------